Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.
Sign upadd built-in support for blacklisting domains via the local DNS resolver #184
Labels
Comments
|
Do you want a user-facing app to allow users to add/remove domains? |
|
It should probably be in the Settings app whether or not it's implemented as a separate app, similar to Updater. |
|
Could DNSCrypt service be used as a local resolver? It can even mimic DOH server for Private DNS and already has built-in extended blacklist support or cloaking. |
|
That doesn't make sense as a way of implementing this. |
|
It's not wanted. The existing DNS-over-TLS implementation is fine and we don't want to add and maintain a bunch of complexity for bikeshedding it, sorry. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Domain-based filtering can be done without this by configuring a custom Private DNS server or a local DNS service provided by a VPN service app (does not require the app to intercept any traffic). However, it would be nice to support custom local blacklists.
This should be efficient, unlike a hosts file, i.e. it should actually use an existing cache or a new hash table.
Private DNS isn't compatible with domain-based apps, since the DNS traffic is passed through them encrypted. This means users are pushed to disable Private DNS by the apps, and they generally won't provide their own implementation of encrypted DNS.