Updated Aug. 28, 2024. Take back your privacy Firefox is rolling out Total Cookie Protection by default to more Firefox users worldwide, making Firefox the
I go hard with DNS-based ad blocking and I’m constantly confirming it works by checking the network tab in developer tools. I’m basically only seeing first party scripts and CDN assets — 99% of websites load all the tracking garbage from third-party domains that can be easily blocked.
Is it something you can talk about? I’m currently in the process of trying to switch from pihole to pfblockerng but am interested if there are better alternatives
At a high level it involves a terrible custom parser written in Ruby for several formats of DNS blocklists. It finds the proper domain then outputs a large configuration file for Unbound.
I’ve attempted to Dockerize it but honestly, I think it would be better to use a superior parser written in another language that can be statically compiled.
I was using Fly.io to host it in various regions using an Anycast IP, but since I’ve moved onto using VPN for everything I’ve moved it to a few hosts acting as Tailscale exit nodes. Those exit nodes provide the blocking DNS service along with rewriting incoming Tailscale client traffic to route out of another network interface assigned to a VPN provider.
Had I unlimited free time I’d rewrite the parser in Crystal, but part of me thinks there’s got to be something already written by someone in Go.
I go hard with DNS-based ad blocking and I’m constantly confirming it works by checking the network tab in developer tools. I’m basically only seeing first party scripts and CDN assets — 99% of websites load all the tracking garbage from third-party domains that can be easily blocked.
Pihole?
It’s a common solution but I do something more involved and manual, but it’s the same concept.
Is it something you can talk about? I’m currently in the process of trying to switch from pihole to pfblockerng but am interested if there are better alternatives
At a high level it involves a terrible custom parser written in Ruby for several formats of DNS blocklists. It finds the proper domain then outputs a large configuration file for Unbound.
I’ve attempted to Dockerize it but honestly, I think it would be better to use a superior parser written in another language that can be statically compiled.
I was using Fly.io to host it in various regions using an Anycast IP, but since I’ve moved onto using VPN for everything I’ve moved it to a few hosts acting as Tailscale exit nodes. Those exit nodes provide the blocking DNS service along with rewriting incoming Tailscale client traffic to route out of another network interface assigned to a VPN provider.
Had I unlimited free time I’d rewrite the parser in Crystal, but part of me thinks there’s got to be something already written by someone in Go.