@bortzmeyer
Created November 11, 2019 10:23
Blocking hidden trackers (Eulerian, Criteo) on Knot Resolver

For the Knot DNS resolver (used for instance on the Turris):

-- https://www.shaftinc.fr/escalade-traque-eulerian.html
policy.add(policy.suffix(policy.DENY, {todname('eulerian.net.')}))
policy.add(policy.suffix(policy.DENY, {todname('dnsdelegation.io.')}))
@bortzmeyer

Note that it is not a good solution since (to quote the documentation) "The policy module currently only looks at whole DNS requests. The rules won’t be re-applied e.g. when following CNAMEs." So, it only blocks the initial QNAME while we want to block aliases. For further study.
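
The limitation described in the comment above, as an added example that is not part of the gist and does not use Knot Resolver's API: a stand-alone Python comparison of a QNAME-only suffix check with one that also walks the CNAME chain in the answer. The function names, the sample hostnames and the sample answer section are constructed for illustration; only the two blocked zones come from the gist.

```python
# Added illustration (not Knot Resolver code): QNAME-only vs. alias-aware matching.
BLOCKED_SUFFIXES = ("eulerian.net.", "dnsdelegation.io.")  # the two zones from the gist

def labels(name):
    """Lower-cased DNS name -> tuple of labels, e.g. ('shop', 'eulerian', 'net')."""
    return tuple(name.lower().rstrip(".").split("."))

def under_suffix(name, suffix):
    """Label-wise suffix match, so 'noteulerian.net.' does not match 'eulerian.net.'."""
    n, s = labels(name), labels(suffix)
    return len(n) >= len(s) and n[-len(s):] == s

def is_blocked(name):
    return any(under_suffix(name, s) for s in BLOCKED_SUFFIXES)

def cname_chain(qname, answer, max_hops=16):
    """Return qname followed by every CNAME target reachable from it in the answer."""
    cnames = {labels(owner): target
              for owner, rtype, target in answer if rtype == "CNAME"}
    chain, seen, current = [qname], {labels(qname)}, qname
    for _ in range(max_hops):
        target = cnames.get(labels(current))
        if target is None or labels(target) in seen:  # end of chain, or a CNAME loop
            break
        chain.append(target)
        seen.add(labels(target))
        current = target
    return chain

def qname_only_verdict(qname, answer):
    """What a rule that only sees the original request decides."""
    return "DENY" if is_blocked(qname) else "PASS"

def alias_aware_verdict(qname, answer):
    """Deny when the QNAME or any alias in its CNAME chain is under a blocked zone."""
    return "DENY" if any(is_blocked(n) for n in cname_chain(qname, answer)) else "PASS"

# Constructed answer section: a first-party name aliased into a blocked zone.
SAMPLE_ANSWER = [
    ("metrics.shop.example.", "CNAME", "shop.eulerian.net."),
    ("shop.eulerian.net.", "CNAME", "edge.tracker.example."),
    ("edge.tracker.example.", "A", "192.0.2.10"),
]

if __name__ == "__main__":
    q = "metrics.shop.example."
    print(q, "QNAME-only:", qname_only_verdict(q, SAMPLE_ANSWER))
    print(q, "alias-aware:", alias_aware_verdict(q, SAMPLE_ANSWER))
```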
