Create a separate IP only list #12

New issue

Open

opened 2019-12-16 01:46:57 +00:00 by forkoz · 2 comments

forkoz commented

2019-12-16 01:46:57 +00:00

I'm using Dnscrypt-proxy and when I add the entire hosts to my blocklist, the IPs are ignored. Block by IP is a separate file, possibly on other utilities too.

Thank you for this source by the way as I couldn't find a complete list anywhere else.

I'm using Dnscrypt-proxy and when I add the entire hosts to my blocklist, the IPs are ignored. Block by IP is a separate file, possibly on other utilities too. Thank you for this source by the way as I couldn't find a complete list anywhere else.

geoffrey commented

2019-12-17 23:41:06 +00:00

Owner

If you're talking about the 0.0.0.0 in the beginning of each line, that's to be expected from a hosts files. If you want the raw list, just drop the -hosts part in the URL.

If you're talking about the IP addresses begging to be blocked, it's an artifact of the list generation process. Specifically, the subdomain gathering process also gathers IP, and some domain name servers return valid values when you give them IP rather than domains name, which they shouldn't.

Those should disappear on the next full re-run of the process which should happen soon. In the meantime, being ignored is the correct behavior, as they will be blocked anyway with the hostnames later in the list.

I don't have plans yet to maintain a list of IP addresses resolving to third party trackers. If the DNS resolver you're using as an ad-blocker is able to block by IPs, then it should be able to block by CNAME, in which case you only need a much shorter list (sounds like DNSCrypt does).

However, such a list could be useful for not-DNS-aware ad-blocker such as network firewalls. I'm not even sure those are even a thing, so if anyone would want that, feel free to manifest yourself.

If you're talking about the 0.0.0.0 in the beginning of each line, that's to be expected from a hosts files. If you want the raw list, just drop the `-hosts` part in the URL. --- If you're talking about the IP addresses begging to be blocked, it's an artifact of the list generation process. Specifically, the subdomain gathering process also gathers IP, and some domain name servers return valid values when you give them IP rather than domains name, which they shouldn't. Those should disappear on the next full re-run of the process which should happen soon. In the meantime, being ignored is the correct behavior, as they will be blocked anyway with the hostnames later in the list. --- I don't have plans yet to maintain a list of IP addresses resolving to third party trackers. If the DNS resolver you're using as an ad-blocker is able to block by IPs, then it should be able to block by CNAME, in which case you only need [a much shorter list](https://git.frogeye.fr/geoffrey/eulaurarien/src/branch/master/rules/first-party.list) (sounds like DNSCrypt does). However, such a list could be useful for not-DNS-aware ad-blocker such as network firewalls. I'm not even sure those are even a thing, so if anyone would want that, feel free to manifest yourself.

forkoz commented

2019-12-19 17:12:38 +00:00

Author

dnscrypt supports blocking hostnames or ips or both through separate lists. so the ips in that list were ignored. I thought you were going to keep adding those.

cname blocking is newly supported but the new version has not pushed out to windows nor linux yet.

dnscrypt supports blocking hostnames or ips or both through separate lists. so the ips in that list were ignored. I thought you were going to keep adding those. cname blocking is newly supported but the new version has not pushed out to windows nor linux yet.