sinkhole - blocks domains by using block lists.
Note: Based on MiekG Proof-of-Concept block plugin.
- Convert to Go Modules
- Add whitelist feature
- Add regex for filtering (both black and white listing)
- Add possibility to retrieve lists from file
- Docker of CoreDNS plus Sinkhole
- Documentation on compiling CoreDNS and Sinkhole plugin
- Probably more (see DeugNietS)
The sinkhole plugin will block any domain that is on the block lists. The block lists are downloaded on startup or otherwise once a week.
For a domain that is blocked we will return a NXDOMAIN (or pre-defined) response.
THIS IS A WORK-IN-PROGRESS. IT IS NOT PRODUCTION QUALITY!
sinkholeIf monitoring is enabled (via the prometheus directive) the following metric is exported:
coredns_block_count_total{server}- counter of total number of blocked domains.
The server label indicates which server handled the request, see the metrics plugin for details.
Block all domain on the block list(s).
. {
forward . 9.9.9.9
sinkhole
}
On startup the block lists are downloaded, and assuming 005.example.org is on the list, it will
be blocked, including any subdomains.
2018/09/30 08:40:09 [INFO] plugin/sinkhole: Block lists updated: 226126 domains added
2018/09/30 08:40:12 [INFO] plugin/sinkhole: Sinkholed 005.example.org.
2018/09/30 08:41:41 [INFO] plugin/sinkhole: Sinkholed www.005.example.org.
sinkhole currently requires a working resolver to fetch the downloads. This should be re-worked to use the proxy/forwarder (if defined).