Commit 9022c677 authored by Jonathan Coetzee's avatar Jonathan Coetzee

Add CF malware and family and switch to malware by default

parent 3f868398
......@@ -29,16 +29,16 @@ If you want to resolve an IP address statically, add to `/etc/hosts` by passing
Setting these variables (regardless of value) will enable/disable the feature.
| Name | Outcome |
| ------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `ADBLOCK_DISABLED` | Disable ad-blocking feature |
| `DNS_PROVIDER` | Possible values: `cloudflare`, `quad9`, `google`, `cleanbrowsing_family`, `cleanbrowsing_adult`, `cleanbrowsing_security`, `quadrant`, `libreops` (default: `cloudflare`) |
| `IP_V4` | Enable IPv4 addresses for a provider, if neither `$IP_V4` nor `$IP_V6` are set then `$IP_V4` is enabled by default |
| `IP_V6` | Enable IPv6 addresses for provider |
| `WHITELIST` | Comma or space delimited list of domains to whitelist |
| `BLACKLIST` | Comma or space delimited list of domains to blacklist |
| `MIN_TTL` | [Override minimum TTL for entries](https://00f.net/2019/11/03/stop-using-low-dns-ttls/ "Stop using ridiculously low DNS TTLs"). This technically violates DNS standards, use with care. |
| `VERBOSE` | Enable verbose Knot Resolver output |
| Name | Outcome |
| ------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `ADBLOCK_DISABLED` | Disable ad-blocking feature |
| `DNS_PROVIDER` | Possible values: `cloudflare`, `cloudflare_malware`, `cloudflare_family`, `quad9`, `google`, `cleanbrowsing_family`, `cleanbrowsing_adult`, `cleanbrowsing_security`, `quadrant`, `libreops` (default: `cloudflare_malware`) |
| `IP_V4` | Enable IPv4 addresses for a provider, if neither `$IP_V4` nor `$IP_V6` are set then `$IP_V4` is enabled by default |
| `IP_V6` | Enable IPv6 addresses for provider |
| `WHITELIST` | Comma or space delimited list of domains to whitelist |
| `BLACKLIST` | Comma or space delimited list of domains to blacklist |
| `MIN_TTL` | [Override minimum TTL for entries](https://00f.net/2019/11/03/stop-using-low-dns-ttls/ "Stop using ridiculously low DNS TTLs"). This technically violates DNS standards, use with care. |
| `VERBOSE` | Enable verbose Knot Resolver output |
## Implementation
......
......@@ -14,6 +14,18 @@ local configs = {
["ip6"] = {'2606:4700:4700::1111', '2606:4700:4700::1001'},
["hostname"] = 'cloudflare-dns.com',
},
["cloudflare_malware"] = {
["name"] = "Cloudflare (malware)",
["ip4"] = {'1.1.1.2', '1.0.0.2'},
["ip6"] = {'2606:4700:4700::1112', '2606:4700:4700::1002'},
["hostname"] = 'cloudflare-dns.com',
},
["cloudflare_family"] = {
["name"] = "Cloudflare (family)",
["ip4"] = {'1.1.1.3', '1.0.0.3'},
["ip6"] = {'2606:4700:4700::1113', '2606:4700:4700::1003'},
["hostname"] = 'cloudflare-dns.com',
},
["quad9"] = {
["name"] = "Quad9",
["ip4"] = {'9.9.9.9', '149.112.112.112'},
......
......@@ -46,7 +46,7 @@ end
local provider_name = os.getenv("DNS_PROVIDER")
if not provider_name then
provider_name="cloudflare"
provider_name="cloudflare_malware"
else
provider_name=string.lower(provider_name)
end
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment