Closed gUstrx closed 8 months ago
ameshkov
commented
8 months ago Hi, our approach is the following: dnsproxy is just a DNS forwarder and we intend to keep it this way. All kinds of advanced filtering is available in AdGuard Home which is built on top of dnsproxy.
gUstrx
commented
8 months ago Hi, our approach is the following: dnsproxy is just a DNS forwarder and we intend to keep it this way. All kinds of advanced filtering is available in AdGuard Home which is built on top of dnsproxy.
But you are already blocking the "ANY" type, I just ask you to expand the list.
Blocking just two types AAAA and Type65 reduces unnecessary requests by 66% and increases responsiveness without using the large adguardhome package.
dnsproxy is used much more often than adguardhome.
ameshkov
commented
8 months ago Well, refuse_any is a part of a DNS amplification protection feature list, kind of a must have for any DNS server.
Anyways, I'd say the real feature request here is moving the filtering features from AdGuard Home to dnsproxy.
Maybe at some point we'll decide to change the current approach, but at the moment duplicating functionality seems like an overkill. Why wouldn't you use AGH instead of dnsproxy? It can be configured to work as a pure no-UI DNS filtering solution.
Thanks for the software, it's the best!
Please add a function for blocking DNS requests by type. DNS blocking type 65 (https) is very necessary.
analog ||*^$dnstype=HTTPS adguard home