How do I add additional block lists to Pi-hole?


#1

Pi-hole’s Default Block Lists

List Formats

It’s very important that whatever lists you decide to add to Pi-hole are in HOSTS format. Pi-hole’s knows how to parse these lists. As you’ll see below, things like Adblock Plus’ EasyLists can’t be automatically imported into Pi-hole.

If you are interested in adding additional domains to block, check out WaLLy3K’s blocklist compilation.

Easiest way to add additional lists

UPDATE: As of version 3.0, adlist management can now be done via the web UI, you no longer need to touch the command line for this!

By default, when pihole -g pulls in lists of domains to block, we combine several lists, which are defined in /etc/pihole/adlists.list:

# The below list amalgamates several lists we used previously.
# See `https://github.com/StevenBlack/hosts` for details
##StevenBlack's list
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts

##MalwareDomains
https://mirror1.malwaredomains.com/files/justdomains

##Cameleon
http://sysctl.org/cameleon/hosts

##Zeustracker
https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist

##Disconnect.me Tracking
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt

##Disconnect.me Ads
https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt

##Hosts-file.net
https://hosts-file.net/ad_servers.txt

If you add any domains, then they can go anywhere in the file, so long as they are not commented out (prefixed with #)

Block More Than Advertisements

By using alternate lists, you have the ability to block tracking sites, malware domains, known spam servers, and more.
We’ve included many of these lists in adlists.default, but they are commented out. In order to use them, copy adlists.default to adlists.list and uncomment them.

These Lists Will Need Additional Parsing Logic

The lists below are not in standard hosts format. Since Pi-hole blocks ads at the DNS level, just the domain name needs to be extracted from the lists. To do this, you will likely need to use sed and awk to parse down to get just the domain names.

  • http://jansal.googlecode.com/svn/trunk/adblock/hosts
  • http://www.sa-blacklist.stearns.org/sa-blacklist/sa-blacklist.current
  • https://easylist-downloads.adblockplus.org/malwaredomains_full.txt
  • https://easylist-downloads.adblockplus.org/easyprivacy.txt
  • https://easylist-downloads.adblockplus.org/easylist.txt
  • https://easylist-downloads.adblockplus.org/fanboy-annoyance.txt
  • http://www.fanboy.co.nz/adblock/opera/urlfilter.ini
  • http://www.fanboy.co.nz/adblock/fanboy-tracking.txt

How To Parse A List To Get Just The Domain

Image you found a list you want to use, but it is formatted with a bunch of extra characters:

||unlimited-hacks.net^
||pakcircles.com^
||cracksplay.com^
||fbgamecheatz.info^
||linkz.it^

You can use sed and/or awk (or other commands) to remove the extra characters to get just the domain name. It helps to be familiar with scripting, but if you wanted to parse down the list above, you could do something like this:

curl -s http://some.list | sed 's/^||//'

This would remove the two pipes at the beginning of the lines, so your list would then look like this:

unlimited-hacks.net^
pakcircles.com^
cracksplay.com^
fbgamecheatz.info^
linkz.it^

Then, you could use sed again, or even something like cut. Since the domains won’t have a carat in the name, you can use it as a delimiter with the cut command to display only the domain name.

curl -s http://some.list | sed 's/^||//' | cut -d'^' -f-1

Which leaves you with just the domain names:

unlimited-hacks.net
pakcircles.com
cracksplay.com
fbgamecheatz.info
linkz.it

There is more than one way to parse the list down and there is no right way, however, some methods are faster. If you can combine most of your parsing into a single awk command, it can process a large list much faster. For each | that you use in the command, you are slowing down the processing as it is running in another subshell.


Howto: Add blocklists using a parsing script (i.e. Easylist)
How to add multiple hostnames to blacklist.txt?
Country specific Block list (Australia)
IPv6 is not blocked
Google Links no more authorized (solved)
Add additonal blocklists
Whitelist not deleting entries -non lists
#2

Have you investigated this site?
http://someonewhocares.org/hosts/

And this?
http://winhelp2002.mvps.org/hosts.htm


#4

(Sorry, edited your two posts together for the sake of keeping down clutter)

RE: The two lists, they are included in the StevenBlack host list which is the first list in adlists.default :slight_smile:

https://discourse.pi-hole.net/t/how-do-i-add-additional-block-lists-to-pi-hole/259/3?source_topic_id=259

#5

Thanks,

Clear reply. I did not know that and perhaps should have read better first.
Will check that before adding my next useless suggestion.


#6

This is how we learn!


#7

Which formats are accepted for the content of additional lists? I quickly glanced over the current lists, and it seems that comment lines starting with # are ok; lines containing one hostname each are ok; and lines in the format 127.0.0.1 hostname are ok.

Would lines in the format of 0.0.0.0 hostname_1 hostname_2 hostname_3 work for automatic parsing? That is how my iOS host file looks like (to stay under the iOS size limit).


#8

That format won’t work, but you could write a script to convert it.


#9

I suggest also adding this list: http://phishing.mailscanner.info/phishing.bad.sites.conf
Read about its origin here: http://phishing.mailscanner.info/

And some more lists: https://zeltser.com/malicious-ip-blocklists/


#10

Also with a free account at: https://www.malwarepatrol.net/ you get a receipt # which helps you get a dansguardian feed which works with gravity: https://lists.malwarepatrol.net/cgi/getfile?receipt=???&product=8&list=dansguardian just replace the “???” with your receipt #.


#11

Hi There,

I am new to respbarry pi and need help for some basic operation. I am getting access denied message so please let me know how i can fixed this. i have logged in with user pi


#12

Hi

Is it possible for someone to write step-by-step instructions how to enable the unused lists?

Is ti possible to do any of this from the web interface?


#13

#14

Which is a copy of what is in the OP of this thread! :joy::joy:


#15

…Which is NOT step-by-step instructions, at least not to one new to Linux.


#16

It rather clearly states the step-by-step instructions in the header:

#  To make changes to this file:                                               #
#    1. run `cp /etc/pihole/adlists.default /etc/pihole/adlists.list`          #
#    2. run `nano /etc/pihole/adlists.list`                                    #
#    3. Uncomment or comment any of the below lists

The only thing I can think of that might be confusing is commenting or uncommenting, which is simply adding or removing the # symbol at the start of a line.


#17

Thanks Mcat12 but like I said, no experience with Linux.

Run the commands where?
Through the web interface?
I installed the barebones Raspian and when I switch my monitor to the Pi there’s no video signal.


#18

You got far enough to be able to install pi-hole, I presume?

In an SSH session

Not yet, but it is something we are working on.

Hmmm, you should still get a login prompt, so that you can access the CLI.

I’ve updated the OP to make it a bit clearer on how to edit the file.


#19

Hi PromoFaux

Thanks for your patient reply.
Your answer got me started but I had to look up “SSH into your raspberry pi”… you cannot underestimate how noob one can be.

It would help a lot of first timers, if you could add to the instructions what I eventually figured out:

Type: sudo raspi-config
Select option: 5
Hit: Enter
Select option: P2
Hit: Enter
Select: Enable ssh server.
Hit: OK, to accept and reboot.

I also got Putty installed on my PC to avoid restarting the Pi just to get an active video output.

However I’m getting this:
cp: cannot create regular file ‘/etc/pihole/adlists.list’: Permission denied


#20

Try prefacing your commands with sudo which will elevate your privelages.

It’s possible that we could get a lot more detailed with what needs to be done, but opening an SSH session, and basic file manipulation are probably outside of the scope of the project, and there already plenty of guides out there!

What we are looking to do in future is put as much into the web interface as possible to make it n00b-proof (though even then, I suspect some will struggle :slight_smile: )


#21

Hi PromoFaux

Thanks for another patient reply.

Sudo helped and I got to the nano interface.
I’m interested in enabling the 5 safe lists. Will I find the instructions in the link you provided?