search

fabriziosalmi / blacklists

Hourly updated domains blacklist 🚫
https://github.com/fabriziosalmi/blacklists/releases/download/latest/blacklist.txt
GNU General Public License v3.0
117 stars 5 forks source link

Documentation #36

Closed fabriziosalmi closed 11 months ago

fabriziosalmi commented 1 year ago

We can break this down into multiple steps:

  1. Fetching the Blacklist: This will involve setting up a scheduled task to download the blacklist every hour.
  2. Integration with Squid Proxy: Configuring Squid to use this blacklist.
  3. Integration with Pi-hole/AdGuard Home: Getting the blacklist into a format and location that Pi-hole/AdGuard Home can utilize.

1. Fetching the Blacklist

You can use a simple script with wget or curl to fetch the list:

#!/bin/bash
BLACKLIST_URL="https://get.domainsblacklists.com/blacklist.txt"
BLACKLIST_PATH="/path/to/save/blacklist.txt"
wget -O "$BLACKLIST_PATH" "$BLACKLIST_URL"

To make this run every hour, use cron. Edit the crontab with:

crontab -e

And add the following line:

0 * * * * /path/to/script.sh

2. Integration with Squid Proxy

Squid can use ACLs (Access Control Lists) to block domains:

Edit your squid.conf:

sudo nano /etc/squid/squid.conf

Add the following:

acl blacklisted_domains dstdomain "/path/to/save/blacklist.txt"
http_access deny blacklisted_domains

Reload Squid:

sudo systemctl reload squid

For direct IPs, you would have to handle those separately, possibly at a firewall level or another level of your network configuration.

3. Integration with Pi-hole/AdGuard Home

Remember to periodically update Pi-hole/AdGuard blocklists.

Note: Before applying any blocklist, always review the list to make sure legitimate domains that you want/need to access aren't being blocked. Also, ensure that your tools can handle the size of the blocklist, especially if it's a long one. Always test in a controlled environment first.

fabriziosalmi commented 1 year ago

FIX: for squid direct ip block snippet go here