How to block many external DNS servers in dnsmasq

Post new topic   Reply to topic    DD-WRT Forum Index -> Contributions Upload
Author Message
ciscodlink
DD-WRT User


Joined: 13 May 2014
Posts: 273

PostPosted: Tue Jan 18, 2022 20:22    Post subject: How to block many external DNS servers in dnsmasq Reply with quote
With the many browsers enabling DNS-over-TLS or DNS-over-HTTPS or Secure DNS...

it is possible for users to bypass the routers' dns service (I use dnscrypt FYI ) and potentially leak information or bypass filters.

Unfortunately it doesn't seem like you can forward or reroute the traffic, but you can block it, thus forcing users to disable the setting in their browser.

To do so add the following to "Additional Dnsmasq Options"
Code:
##Block other DNS
server=/1dot1dot1dot1.cloudflare-dns.com/
server=/a.ns.dnslify.com/
server=/adblock.mydns.network/
server=/adult-filter-dns.cleanbrowsing.org/
server=/b.ns.dnslify.com/
server=/canadianshield.cira.ca/
server=/cloudflare-dns.com/
server=/cloudflare-gateway.com/
server=/commons.host/
server=/dns-family.adguard.com/
server=/dns-gcp.aaflalo.me/
server=/dns-nosec.quad9.net/
server=/dns-nyc.aaflalo.me/
server=/dns-unfiltered.adguard.com/
server=/dns.233py.com/
server=/dns.233py.com.cdn.cloudflare.net/
server=/dns.aa.net.uk/
server=/dns.aaflalo.me/
server=/dns.adguard.com/
server=/dns.alekberg.net/
server=/dns.bitgeek.in/
server=/dns.brahma.world/
server=/dns.cloudflare.com/
server=/dns.cmrg.net/
server=/dns.containerpi.co/
server=/dns.containerpi.com/
server=/dns.developer.li/
server=/dns.digitale-gesellschaft.ch/
server=/dns.dns-over-https.com/
server=/dns.dnsoverhttps.net/
server=/dns.flatuslifir.is/
server=/dns.google/
server=/dns.google.com/
server=/dns.hostux.net/
server=/dns.keweon.center/
server=/dns.larsdebruin.net/
server=/dns.neutopia.org/
server=/dns.nixnet.xyz/
server=/dns.oszx.co/
server=/dns.pumplex.com/
server=/dns.quad9.net/
server=/dns.rubyfish.cn/
server=/dns.t53.de/
server=/dns.twnic.tw/
server=/dns1.digitale-gesellschaft.ch/
server=/dns1.dnscrypt.ca/
server=/dns10.quad9.net/
server=/dns11.quad9.net/
server=/dns2.alekberg.net/
server=/dns2.developer.li/
server=/dns2.digitale-gesellschaft.ch/
server=/dns2.dnscrypt.ca/
server=/dns9.quad9.net/
server=/dnsforge.de/
server=/dnsotls.lab.nic.cl/
server=/dnsovertls.sinodun.com/
server=/dnsovertls1.sinodun.com/
server=/dnsovertls2.sinodun.com/
server=/dnsovertls3.sinodun.com/
server=/dnsse.alekberg.net/
server=/doh-2.seby.io/
server=/doh-ch.blahdns.com/
server=/doh-de.blahdns.com/
server=/doh-fi.blahdns.com/
server=/doh-ipv6.crypto.sx/
server=/doh-jp.blahdns.com/
server=/doh.233py.com/
server=/doh.42l.fr/
server=/doh.applied-privacy.net/
server=/doh.appliedprivacy.net/
server=/doh.armadillodns.net/
server=/doh.asecdns.com/
server=/doh.blahdns.com/
server=/doh.captnemo.in/
server=/doh.centraleu.pi-dns.com/
server=/doh.cleanbrowsing.org/
server=/doh.crypto.sx/
server=/doh.defaultroutes.de/
server=/doh.dns.sb/
server=/doh.dnslify.com/
server=/doh.eastus.pi-dns.com/
server=/doh.familyshield.opendns.com/
server=/doh.ffmuc.net/
server=/doh.gslb2.xfinity.com/
server=/doh.li/
server=/doh.libredns.gr/
server=/doh.libredns.org/
server=/doh.netweaver.uk/
server=/doh.northeu.pi-dns.com/
server=/doh.opendns.com/
server=/doh.powerdns.org/
server=/doh.seby.io/
server=/doh.tiar.app/
server=/doh.tiarap.org/
server=/doh.westeu.pi-dns.com/
server=/doh.xfinity.com/
server=/dohdot.coxlab.net/
server=/dohtrial.att.net/
server=/dot-de.blahdns.com/
server=/dot-jp.blahdns.com/
server=/dot.asecdns.com/
server=/dot.xfinity.com/
server=/dot1.appliedprivacy.net/
server=/ea-dns.rubyfish.cn/
server=/edns.233py.com/
server=/example.doh.blockerdns.com/
server=/family-filter-dns.cleanbrowsing.org/
server=/family.cloudflare-dns.com/
server=/fi.doh.dns.snopyta.org/
server=/getdnsapi.net/
server=/google-public-dns-a.google.com/
server=/google-public-dns-b.google.com/
server=/i.233py.com/
server=/i.233py.com.a.bdydns.com/
server=/iana.tenta.io/
server=/ibksturm.synology.me/
server=/ibuki.cgnat.net/
server=/jcdns.fun/
server=/jp.gridns.xyz/
server=/jp.tiar.app/
server=/jp.tiarap.org/
server=/kaitain.restena.lu/
server=/lux1.nixnet.xyz/
server=/lv1.nixnet.xyz/
server=/mozilla.cloudflare-dns.com/
server=/ndns.233py.com/
server=/ns1.dnsprivacy.at/
server=/ns2.dnsprivacy.at/
server=/ny1.nixnet.xyz/
server=/odvr.nic.cz/
server=/one.one.one.one/
server=/opencdn.jomodns.com/
server=/opennic.tenta.io/
server=/ordns.he.net/
server=/privacydns.go6lab.si/
server=/public-dns-a.dns.sb/
server=/public-dns-b.dns.sb/
server=/public.dns.iij.jp/
server=/rdns.faelix.net/
server=/resolver-eu.lelux.fi/
server=/resolver1-fs.opendns.com/
server=/resolver1.opendns.com/
server=/resolver2-fs.opendns.com/
server=/resolver2.opendns.com/
server=/rpz-public-resolver1.rrdns.pch.net/
server=/rumpelsepp.org/
server=/sdns.233py.com/
server=/security-filter-dns.cleanbrowsing.org/
server=/security.cloudflare-dns.com/
server=/sg.gridns.xyz/
server=/tls-dns-u.odvr.dns-oarc.net/
server=/unicast.censurfridns.dk/
server=/unicast.uncensoreddns.org/
server=/uw-dns.rubyfish.cn/
server=/wdns.233py.com/
server=/dns.nextdns.io/
server=/dns1.nextdns.io/
server=/dns2.nextdns.io/
server=/firefox.dns.nextdns.io/
Sponsor
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Contributions Upload All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum