The DNS server I'm writing in PHP (largely taken from another project) is starting to work!

Next to just blocking queries it logs every blocked query so I can have stats :3

A little terminal output:

@JoshBent ;D

Looks damn cool!

@sugoi Thanks!

All that red is triggering the sys admin in me

lol

@sugoi And le stats: (only logging the blocked ones)

Planning to open source? Or share with us?

@linuxxx They should have sued Google first before suing Facebook

@sergeyBrin Yes (open sourcing)! Just want to extend it more first :D

@linuxxx Awesome! Congrats btw!

@linuxxx * realizes that I’m studying right now *

What about pi-hole?

@A-C-E I also want to be able to block domains containing a string, pi-hole can't do that :/

@linuxxx why are you blocking nos.nl?

@heymyrthe That one is just an example/for testing as I visit it often and is fast to type :)

@linuxxx ah okay, I thought I missed something haha. But nice work!

@heymyrthe Thankies 😊

@-BSD Improving it now with for example custom listsl of domains integrated with surveillance programs, it doesn't say it for everything anymore.

You can load custom hosts files into redis as well 😊

Want!

It's cool, but DNS in PHP !?

My brain has finally figured out that such posts are by linuxxx, even without opening the rant to read.

Neeeed!

Unless you are blocking all outgoing dns requests (a good network practice), it's kinda of pointless.
Anyway it would be easier to black-hole the zone in Bind.

@nbamaral How would this be pointless?

That's quite dope tbh (I tried this once but failed miserably).

But why use PHP for this? (just wondering)

@FinlayDaG33k Because I can program in php nearly without searching for stuff online :)

@linuxxx Fair enough xD

Can't wait for it to become open-source :)

Might fork it and build a "nice" web-interface for it.

Might be interesting to create a pi-hole alternative with this as if I understood you correctly, you can also block domains based on a certain string (for example: *ad* or *.adsense.*)?

@FinlayDaG33k Yes, literally does matches based on strings. So if you add .adsense., it blocks anything containing .adsense. :)

@linuxxx dope :)

Though something that always bothered me with the pihole was that it was a pain in the buttocks to create an exception for a specific machine.

Like: I use adsense to provide ads on one of "my" sites (bosses call) so I have to temporarily allow everything on adsense.com in that specific session...

@FinlayDaG33k That's a good idea!

@linuxxx It would be nice to have something like an extension for that in the browser so we don't have to open the dashboard itself all the time.

Could be a hassle, but imo worth the effort in the long run

@FinlayDaG33k My first prio is to somehow get this fucker to be reachable from the outside. I can't get it to freaking work, checked firewall stuff etc etc but nope :(

@linuxxx by "outside" I hope you mean "other machines on the LAN"...

Also, you get a connection refused or?

You probably already checked it with a `netstat` to see if it even is listening on the port you're trying to use?

If you want a more real-time chat with me, you can get my signal number by sending me a mail at: me[at-thing]<devrant username>.nl

@FinlayDaG33k Yeah that and yes I netstatted, nmapped and so on and so on. It's listening on the right port and ip. port opened, firewall entirely disabled etc etc but nope :(

Email is away!

@FinlayDaG33k Have you gone to bed? :'(

@linuxxx No, I just was watching something on YouTube :)

I have send my number to you :)

@FinlayDaG33k You're the first one ever to enter my spam folder 😅

@linuxxx "it's not a bug, it's a feature" hue

@linuxxx Cool, so can you perform regex matching on the request, and block, allow or return a completely arbitrary IP address? That'd be awesome!

@DRSDavidSoft Not a regex in my case but yeah I can match against strings. I can return anything I want aha

I love to see people writing stuff in PHP not because it's the best option but because they can. I do similar stuff sometimes. lol it's like getting Windows running on devices that normally wouldn't run it.

@garrettw Uhm I do think it's the best option for me haha. It works, so why not?

@linuxxx Just because a car is build for the average road, doesn't mean you can turn it into a race car ;)

@FinlayDaG33k True but php7+ is fast and stable as fuck so why not use it?

@linuxxx because it's a shitty language that is slow and inferior to C# and C++ </sarcasm>

@FinlayDaG33k Good that you put the sarcasm tag 😅

:^)

@linuxxx
Because an app or piece of hardware can use whatever dns server it wants A Googlecast for instance uses Google dns servers despite whatever you give it in dhcp.
Add an iptables rule at the exit gateway redirecting all dns requests to your dns server.

@nbamaral That's actually a good one, thanks!

"MASS SURVEILLANCE DOMAIN"
😂😂😂🤣🤣

Nice work man!

@xewl Hey, it's true ;)

@linuxxx would it be possible to redirect font.google.com to an according mirror or is ssl standing in the way?

@MurmeltierS I can't redirect domains, I can just return up addresses 😬

@MurmeltierS it basically checks the DNS request against a list of domains he has in his blacklist.

If it's in there, it will get blocked, if not, it will proxy the request upstream.

@Root @-BSD @heymyrthe @sergeyBrin @sugoi Not sure if you people are still interested but I finally got it to work on a vps of mine.

Working through extensive testing (mostly for security vulnerabilities, already fixed a few DoS ones) right now and going to try to improve the way I match queries against blocked hosts.

@linuxxx of course I am!

@linuxxx um, definitely?

@linuxxx count me in

noice

it's been 2 years now, still waiting for sauce D: (am working on a DNS server atm as well and can't get my head around all this stuff D:

@linuxxx 👆🏻😊
We still wants.

@FinlayDaG33k @Root I actually "finished" it ages ago, just stopped using it myself!

I'll see if I can find the project and put it online somewhere :)

@linuxxx yay ☺️