DNS whitelist domains

You're looking for the server= directive instead of the address= directive. Unfortunately, you'll have to specify your actual DNS servers; it won't get them from resolv.conf (since you are using no-resolv to prevent that).

server=/whatsapp.com/8.8.8.8
server=/whatsapp.com/8.8.4.4
server=/example.com/8.8.8.8
server=/example.com/8.8.4.4
⋮

You probably want to generate that with a script. And of course you can use your normal DNS servers instead of Google Public DNS.

Alternatively, you can use BIND (though note that there are other configs if your goal isn't filtering).
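Since the answer suggests generating the server= lines with a script, here is an added example of such a generator (not from the original answer) that also checks the result contains no catch-all server= line, which is what keeps dnsmasq from forwarding anything outside the list. It assumes domains arrive one per line on stdin and the upstream resolvers are passed as arguments; the sample domain list is constructed for the demonstration.

```shell
#!/bin/sh
# Added example: build the dnsmasq allow-list from the answer above.
# Assumptions: domains one per line on stdin, upstream resolvers as arguments.

# Print "no-resolv" plus one server=/domain/upstream line per pair.
# Blank lines and '#' comments are skipped; a domain containing anything
# other than [a-z0-9.-] would corrupt the directive, so it is rejected.
gen_dnsmasq_allowlist() {
    printf 'no-resolv\n'
    while IFS= read -r line; do
        domain=$(printf '%s' "$line" | sed 's/#.*//; s/^[[:space:]]*//; s/[[:space:]]*$//' | tr 'A-Z' 'a-z')
        [ -n "$domain" ] || continue
        case "$domain" in
            *[!a-z0-9.-]*) printf 'rejected domain: %s\n' "$domain" >&2; continue ;;
        esac
        for upstream in "$@"; do
            printf 'server=/%s/%s\n' "$domain" "$upstream"
        done
    done
}

# Read a config on stdin and succeed only if every server= line names a
# domain. A bare "server=1.2.3.4" would forward every other query too.
only_named_domains() {
    ! grep -q '^server=[^/]'
}

# Constructed sample input (not from the page), mixing case, a comment and
# one malformed entry to show the filtering.
render_sample() {
    gen_dnsmasq_allowlist 8.8.8.8 8.8.4.4 <<'EOF'
whatsapp.com
# comment line
Example.com
bad/domain
EOF
}

# Demonstration: print the fragment you would drop into dnsmasq.conf.
render_sample
```

Redirect the output of render_sample into your dnsmasq configuration (or a file under its .d directory) and pipe it through only_named_domains before restarting dnsmasq.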


Updated on September 18, 2022

Comments

  • mencargo
    mencargo over 1 year

    I'm trying to set a couple of DNS servers to resolve only specified domains. My first attempt was to run DNSmasq and create a manual list of domains/IPs, like so:

    no-resolv
    address=/whatsapp.com/192.155.212.202

    But big services like google, twitter, whatsapp, facebook, etc. use several IP ranges and distribute them in different ways (subdomains, protocols, geolocation, device type of the client, etc.), and this is causing some trouble.

    I think the simplest approach would be to say something like:

    Forward DNS queries of these domains to resolv.conf and block anything else

    Is there a way to do it?

  • Rob
    Rob almost 9 years
    It looks like BIND doesn't do whitelisting, only blacklisting.
  • mencargo
    mencargo about 7 years
    The server= directive always needs the server; if the server is not specified, it will only look into hosts to find the address and won't try to query other DNS.
  • KajMagnus
    KajMagnus almost 4 years
    The server=/.... lines — one adds them to /etc/dnsmasq.conf? (that's the right file, on Debian?)
  • derobert
    derobert almost 4 years
    @KajMagnus yeah, or a file in the .d directory if you have that.
  • KajMagnus
    KajMagnus almost 4 years
    @derobert Thanks — this looks simpler than installing Pi-hole.