Hello guys, as of writing this post it is Christmas of 2019 (25 Dec 2019); gosh, time really goes fast! How were the holidays? Personal update: I have a severe cold & fever as of writing this, hope I'll get better soon.


Today I'm going to share my method of adblocking with custom DNS servers.

my requirements

  • I want adblocking solution without any addons & applications for laptops/desktops/mobile.
  • I want it universal (meaning it has to work outside of my home network)
  • I should not waste time setting it up (should be quick and simple to set up)
  • should be configurable (easy to configure)
  • should work perfectly & should not cost me anything

explanation

Sounds pretty simple, ain't it? Well, it ain't easy to do.

cross-platform (laptop/mobile/any device that has access to the internet)

This requirement rules out addons and applications on all devices.

work outside of my home network

This requirement rules out private adblocking solutions, so a server is needed for this. Luckily, I have a server on AWS, but that server is already being used for a different purpose, so it has to have minimal impact on the CPU and memory.

The obvious answer would be to use pi-hole (pie-hole). My experience with pi-hole is not good; let me explain what I mean by that. First, I had problems trying to install it (the automated script did not work for me), and it took me so much time to debug the error. Second, it had an extra bit of CPU load compared to my other options.

should be quick and simple to set up

I should not waste time learning a new tool (I don't need an industrial-level DNS server, I just need a simple solution), plus if there is any error, it should be easy for me to debug.

configurable (easy to configure)

Some things I looked for; it should be:

  • able to mention the forward DNS vendor (google/opendns)
  • easy to install
  • easy to add adblocking lists (just add files from different adblock sources)
  • easy to add whitelists
  • I should have a log, to inspect if anything is not working

should not cost me anything

This means the solution has to be open source. I already have a server that I am paying for, so I'll just add this to it, so there is no additional cost.

Hidden gem - The solution

So after trying several solutions (trust me, I wasted a lot of time installing & uninstalling) I arrived at grimd, an open source project written in Go. It had all the capabilities that I mentioned above (check out grimd's page). It even comes in prebuilt binaries, so I do not even have to compile anything.

Installing it on my server

  • download the binary from the release page
  • run it on the server
  • open port 51 (udp & tcp) on firewall inside cloud instance & vendor firewall
  • add my custom adblock list to the config file (grimd.toml)
  • change default nameserver to google dns in config file
  • change the dns server on my laptops & mobiles, that is it.

That is it, that is all I have to do. Here is the log where it is in action:


20:29:01.341 DEBU handler.go:252 ▶ 103c insert d.joinhoney.com IN A into cache with ttl 140
20:29:11.361 INFO handler.go:102 ▶ 103d 219.91.177.2 lookup vortex.data.microsoft.com IN AAAA
20:29:11.361 DEBU cache.go:208 ▶ 103e KeyGen: vortex.data.microsoft.com IN AAAA 6210738ab9fea7763f2ba8ec16beb2c3
20:29:11.361 DEBU cache.go:123 ▶ 103f Cache: Key expired 6210738ab9fea7763f2ba8ec16beb2c3
20:29:11.361 DEBU cache.go:133 ▶ 1040 Cache: Cannot find key 6210738ab9fea7763f2ba8ec16beb2c3
20:29:11.361 DEBU handler.go:124 ▶ 1041 vortex.data.microsoft.com IN AAAA didn't hit cache
20:29:11.361 NOTI handler.go:180 ▶ 1042 vortex.data.microsoft.com found in blocklist
20:29:11.362 INFO handler.go:102 ▶ 1043 219.91.177.2 lookup vortex.data.microsoft.com IN A
20:29:11.362 DEBU cache.go:208 ▶ 1044 KeyGen: vortex.data.microsoft.com IN A 87ca3e2c1cf9d028f97ce6794f963327
20:29:11.362 DEBU cache.go:123 ▶ 1045 Cache: Key expired 87ca3e2c1cf9d028f97ce6794f963327
20:29:11.362 DEBU cache.go:133 ▶ 1046 Cache: Cannot find key 87ca3e2c1cf9d028f97ce6794f963327
20:29:11.362 DEBU handler.go:124 ▶ 1047 vortex.data.microsoft.com IN A didn't hit cache
20:29:11.362 NOTI handler.go:180 ▶ 1048 vortex.data.microsoft.com found in blocklist
20:29:30.496 INFO handler.go:102 ▶ 1049 219.91.177.2 lookup vortex.data.microsoft.com IN A
20:29:30.496 DEBU cache.go:208 ▶ 104a KeyGen: vortex.data.microsoft.com IN A 87ca3e2c1cf9d028f97ce6794f963327
20:29:30.496 DEBU cache.go:123 ▶ 104b Cache: Key expired 87ca3e2c1cf9d028f97ce6794f963327
20:29:30.496 DEBU cache.go:133 ▶ 104c Cache: Cannot find key 87ca3e2c1cf9d028f97ce6794f963327
...
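A log like the one above can be summarized per client and per domain. The following is an added example, not part of the original post or of grimd: it assumes the line format shown in the excerpt, uses constructed sample lines with placeholder client addresses, and attributes each "found in blocklist" line (which carries no client address) to the most recent lookup of that domain, which is a heuristic.

```python
import re
from collections import Counter

# Constructed sample in the same line format as the log excerpt above;
# the client addresses are documentation-range placeholders.
SAMPLE_LOG = """\
20:29:01.300 INFO handler.go:102 ▶ 1038 198.51.100.7 lookup d.joinhoney.com IN A
20:29:01.341 DEBU handler.go:252 ▶ 103c insert d.joinhoney.com IN A into cache with ttl 140
20:29:11.361 INFO handler.go:102 ▶ 103d 198.51.100.7 lookup vortex.data.microsoft.com IN AAAA
20:29:11.361 NOTI handler.go:180 ▶ 1042 vortex.data.microsoft.com found in blocklist
20:29:11.362 INFO handler.go:102 ▶ 1043 198.51.100.7 lookup vortex.data.microsoft.com IN A
20:29:11.362 NOTI handler.go:180 ▶ 1048 vortex.data.microsoft.com found in blocklist
20:29:15.010 INFO handler.go:102 ▶ 1050 203.0.113.9 lookup example.org IN A
"""

# Fields: time, level, source file:line, marker, sequence id, message.
LINE = re.compile(r"^\S+ \w+ \S+ ▶ \S+ (.*)$")
LOOKUP = re.compile(r"^(\S+) lookup (\S+) IN \S+$")
BLOCKED = re.compile(r"^(\S+) found in blocklist$")

def summarize(log_text):
    """Return (lookups, blocked, per_client) counters for a log."""
    lookups = Counter()     # (client, domain) -> number of lookups
    blocked = Counter()     # (client, domain) -> number of blocklist hits
    per_client = Counter()  # client -> total lookups
    last_client = {}        # domain -> client that asked for it most recently
    for raw in log_text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue  # truncated or foreign line, e.g. "..."
        msg = line.group(1)
        if (m := LOOKUP.match(msg)):
            client, domain = m.group(1), m.group(2).lower().rstrip(".")
            lookups[(client, domain)] += 1
            per_client[client] += 1
            last_client[domain] = client
        elif (m := BLOCKED.match(msg)):
            domain = m.group(1).lower().rstrip(".")
            # Blocklist lines have no client field: use the latest asker.
            blocked[(last_client.get(domain, "unknown"), domain)] += 1
    return lookups, blocked, per_client

if __name__ == "__main__":
    lookups, blocked, per_client = summarize(SAMPLE_LOG)
    for (client, domain), n in sorted(lookups.items()):
        print(client, domain, "lookups:", n, "blocked:", blocked[(client, domain)])
    print("lookups per client:", dict(per_client))
```

The per-client totals are the part to check on a server whose DNS port is open to the internet: every address listed there has been using the resolver.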

> You might argue that this is not a DNS server, it is a proxy server for DNS. Well, it depends on how you see it.

conclusion

From my experience, it's simple, awesome & works great. No ads system wide! On all networks! On all devices! My very own private DNS server..XD. If you have any doubts, just DM me!