Skip to content

GitLab

Commit 9022c677 authored by Jonathan Coetzee's avatar Jonathan Coetzee
Browse files
Options

Add CF malware and family and switch to malware by default

parent 3f868398
Hide whitespace changes
Inline Side-by-side
Showing with 23 additions and 11 deletions
README.md
View file @ 9022c677
......@@ -29,16 +29,16 @@ If you want to resolve an IP address statically, add to `/etc/hosts` by passing
Setting these variables (regardless of value) will enable/disable the feature.
| Name | Outcome |
| ------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `ADBLOCK_DISABLED` | Disable ad-blocking feature |
| `DNS_PROVIDER` | Possible values: `cloudflare`, `quad9`, `google`, `cleanbrowsing_family`, `cleanbrowsing_adult`, `cleanbrowsing_security`, `quadrant`, `libreops` (default: `cloudflare`) |
| `IP_V4` | Enable IPv4 addresses for a provider, if neither `$IP_V4` nor `$IP_V6` are set then `$IP_V4` is enabled by default |
| `IP_V6` | Enable IPv6 addresses for provider |
| `WHITELIST` | Comma or space delimited list of domains to whitelist |
| `BLACKLIST` | Comma or space delimited list of domains to blacklist |
| `MIN_TTL` | [Override minimum TTL for entries](https://00f.net/2019/11/03/stop-using-low-dns-ttls/ "Stop using ridiculously low DNS TTLs"). This technically violates DNS standards, use with care. |
| `VERBOSE` | Enable verbose Knot Resolver output |
| Name | Outcome |
| ------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `ADBLOCK_DISABLED` | Disable ad-blocking feature |
| `DNS_PROVIDER` | Possible values: `cloudflare`, `cloudflare_malware`, `cloudflare_family`, `quad9`, `google`, `cleanbrowsing_family`, `cleanbrowsing_adult`, `cleanbrowsing_security`, `quadrant`, `libreops` (default: `cloudflare_malware`) |
| `IP_V4` | Enable IPv4 addresses for a provider, if neither `$IP_V4` nor `$IP_V6` are set then `$IP_V4` is enabled by default |
| `IP_V6` | Enable IPv6 addresses for provider |
| `WHITELIST` | Comma or space delimited list of domains to whitelist |
| `BLACKLIST` | Comma or space delimited list of domains to blacklist |
| `MIN_TTL` | [Override minimum TTL for entries](https://00f.net/2019/11/03/stop-using-low-dns-ttls/ "Stop using ridiculously low DNS TTLs"). This technically violates DNS standards, use with care. |
| `VERBOSE` | Enable verbose Knot Resolver output |
## Implementation
......
knot-resolver/Providers.lua
View file @ 9022c677
......@@ -14,6 +14,18 @@ local configs = {
["ip6"] = {'2606:4700:4700::1111', '2606:4700:4700::1001'},
["hostname"] = 'cloudflare-dns.com',
},
["cloudflare_malware"] = {
["name"] = "Cloudflare (malware)",
["ip4"] = {'1.1.1.2', '1.0.0.2'},
["ip6"] = {'2606:4700:4700::1112', '2606:4700:4700::1002'},
["hostname"] = 'cloudflare-dns.com',
},
["cloudflare_family"] = {
["name"] = "Cloudflare (family)",
["ip4"] = {'1.1.1.3', '1.0.0.3'},
["ip6"] = {'2606:4700:4700::1113', '2606:4700:4700::1003'},
["hostname"] = 'cloudflare-dns.com',
},
["quad9"] = {
["name"] = "Quad9",
["ip4"] = {'9.9.9.9', '149.112.112.112'},
......
knot-resolver/config.lua
View file @ 9022c677
......@@ -46,7 +46,7 @@ end
local provider_name = os.getenv("DNS_PROVIDER")
if not provider_name then
provider_name="cloudflare"
provider_name="cloudflare_malware"
else
provider_name=string.lower(provider_name)
end
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment