sinkhole
Name
sinkhole - blocks domains by using block lists.
Note: Based on MiekG Proof-of-Concept block plugin.
To-Do
- Convert to Go Modules
- Add whitelist feature
- Add regex for filtering (both black and white listing)
- Add possibility to retrieve lists from file
- Docker of CoreDNS plus Sinkhole
- Documentation on compiling CoreDNS and Sinkhole plugin
- Probably more (see DeugNietS)
Description
The sinkhole plugin will block any domain that is on the block lists. The block lists are downloaded on
startup or otherwise once a week.
For a domain that is blocked we will return an NXDOMAIN (or pre-defined) response.
THIS IS A WORK-IN-PROGRESS. IT IS NOT PRODUCTION QUALITY!
Syntax
sinkhole
Metrics
If monitoring is enabled (via the prometheus directive) the following metric is exported:
- coredns_block_count_total{server} - counter of total number of blocked domains.
The server label indicates which server handled the request, see the metrics plugin for details.
Examples
Block all domains on the block list(s).
. {
    forward . 9.9.9.9
    sinkhole
}
On startup the block lists are downloaded, and assuming 005.example.org is on the list, it will
be blocked, including any subdomains.
2018/09/30 08:40:09 [INFO] plugin/sinkhole: Block lists updated: 226126 domains added
2018/09/30 08:40:12 [INFO] plugin/sinkhole: Sinkholed 005.example.org.
2018/09/30 08:41:41 [INFO] plugin/sinkhole: Sinkholed www.005.example.org.
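The subdomain behaviour shown in the log lines above can be implemented by checking the query name and each of its parent domains against the list. The following is an added example, not the plugin's own code; the blockSet type, its functions and the sample entries are hypothetical and constructed for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// blockSet is a hypothetical in-memory block list keyed by fully
// qualified, lower-case domain names ("005.example.org.").
type blockSet map[string]struct{}

// normalize lower-cases a name and ensures a single trailing dot, so that
// "WWW.005.Example.org" and "www.005.example.org." compare equal.
func normalize(name string) string {
	return strings.ToLower(strings.TrimSuffix(strings.TrimSpace(name), ".")) + "."
}

// newBlockSet builds the set from list entries (constructed sample data).
func newBlockSet(entries []string) blockSet {
	s := make(blockSet, len(entries))
	for _, e := range entries {
		if n := normalize(e); n != "." {
			s[n] = struct{}{}
		}
	}
	return s
}

// blocked reports whether qname or any parent domain is listed. It strips
// one label at a time, so matches only happen on label boundaries:
// "x005.example.org." does not match an entry for "005.example.org.".
func (s blockSet) blocked(qname string) (string, bool) {
	name := normalize(qname)
	for name != "." && name != "" {
		if _, ok := s[name]; ok {
			return name, true
		}
		name = name[strings.Index(name, ".")+1:] // drop the leftmost label
	}
	return "", false
}

func main() {
	list := newBlockSet([]string{"005.example.org", "Ads.Example.net."})
	for _, q := range []string{"005.example.org.", "www.005.example.org.", "x005.example.org.", "example.org."} {
		match, hit := list.blocked(q)
		fmt.Printf("%-24s blocked=%-5v match=%q\n", q, hit, match)
	}
}
```

Matching on whole labels rather than on a raw string suffix keeps a list entry from blocking unrelated names that merely end in the same characters, and the parent domain example.org itself stays resolvable.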
Known limitations
sinkhole currently requires a working resolver to fetch the downloads. This should be re-worked
to use the proxy/forwarder (if defined).