There are some services using multiple subdomains which are frequently changing. While it is not possible to blacklist them all, it would be great to have the possibility to automatically block subdomains of specific hosts. Maybe based on the blocklist they are listed in (sorry for my bad english!).
Please see the solution below from @PromoFaux that you can implement manually:
Let's say I've blacklisted .xyz
with the following in /etc/dnsmasq.d/02-wildcards.conf
:
address=/.xyz/192.168.1.253
That works, and I can no longer connect to anything on the xyz
TLD. However, I know that I want to be able to access Alphabet's site (https://abc.xyz
). In order to do this, I can either create another file (to keep things seperate (e.g /etc/dnsmasq.d/03-exceptions.conf
) or add my exceptions to 02-wildcards.conf
like so:
server=/abc.xyz/8.8.8.8
server=/abc.xyz/8.8.4.4
(where 8.8.8.8
and 8.8.4.4
are your chosen upstream DNS IPs)
So, to tie it all together, the entire contents of my additional config file (the name really doesn't matter, but they are read into dnsmasq
in alphanumerical order):
pi@raspberrypi:~ $ cat /etc/dnsmasq.d/02-cust.conf
#Block Entire XYZ TLD
address=/.xyz/192.168.1.253
#Exceptions below:
#Alphabet:
server=/abc.xyz/8.8.8.8
server=/abc.xyz/8.8.4.4
remember to reload and restart dnsmasq
sudo service dnsmasq reload
sudo service dnsmasq restart
It would be great. For example ad hosting network bannerflow.com has unlimited subdomains for serving ads.
I added 'ligatus.com', 'gigya.com' and 'trackuity.com'
I also requested a feature to log the blocking
Wildcard blacklisting has been implemented and will be available with the next update.