Introducing UnboundBL, a Unbound DNS-based adblocker for OPNsense!

[alectrocute]

Hey guys,

I'm a total newbie here. I've been using OPNsense for six months now and love it; thought I'd give back by beginning development on OPNblock! It's a package which generates a configuration file for Unbound DNS, converting unlimited, external URL host-file blacklists! It also includes a regex-based whitelist.



Please check it out, give it a spin on your development (or if you're daring, production) machine and let me know what you think!

https://github.com/alectrocute/UnboundBL

There's a lot of development to do and I plan on doing it. I literally just started and finished this today, so give me a few more weeks, hehe. The plan is to make it above and beyond pfBlocker, with an NGINX-based SSL pixel server, statistics, cron-job manager, easy list management and more. In its current state, it's super barebones.

Thanks, OPNsense community!

[alectrocute]

Reserving this post for future changelog.

[alectrocute]

I'm getting strange kernel panics, related to it not showing up on the menu (sometimes?)

If anybody can help critique the code and get it up to par, that would be great. Thank you!

[marjohn56]

Interesting... installed it but all I get when reloading the lists is 'something went wrong'. I've used the same github.com entry for whitelist and for blacklist - https://hosts-file.net/ad_servers.txt, I have also added the unbound entry.


Heavy night last night so guidance is probably needed at this point. :)

[mimugmail]

Perhaps you better add a PR with WIP in subject. PR is was easier to review :)

[alectrocute]

Interesting... installed it but all I get when reloading the lists is 'something went wrong'. I've used the same github.com entry for whitelist and for blacklist - https://hosts-file.net/ad_servers.txt, I have also added the unbound entry.


Heavy night last night so guidance is probably needed at this point. :)

Hmm. Let me check that out. There's obviously more work to be done. :)

[alectrocute]

Perhaps you better add a PR with WIP in subject. PR is was easier to review :)

On github's opnsense/plugins repo?

[marjohn56]

Perhaps you better add a PR with WIP in subject. PR is was easier to review :)

On github's opnsense/plugins repo?

Yes, does not need to be perfect just PR it to there and we can rip it to pieces with greater ease.  :)


Only joking, looks nice, but will be easier to play with if there's a PR.

[youngman]

Looking forward to where this (& mimugmail's Bind plugin) might lead to!

At present I use a cron job, along with the method described here to load my DNS blacklists: https://forum.opnsense.org/index.php?topic=6734.0 & https://devinstechblog.com/block-ads-with-dns-in-opnsense/. Would be really nice to eventually transition to a nice gui interface!

Keep up the good work guys!

[alectrocute]

Hey fellas,

I've created a PR here. Please rip it apart, for the greater good! It includes some possibly breaking-changes.

https://github.com/opnsense/plugins/pull/808

Thanks!

[marjohn56]

Thanks Alec, will look at it soon.

[SuperDOS]

Nice work! been waiting for a proper adblock plugin for opnsense :D

Any thoughts of using pixelserv? https://github.com/kvic-z/pixelserv-tls

[mimugmail]

You can also use Bind plugin

[fabian]

I think this can be done using the nginx plugin and some DNS manipulations.

[kvic]

Hi,

What's the current status of this project?