Feature request: export list of domains to DNS-resolvers compatible config format (unbound, dnsmasq, bind, etc)

[Bogdan107]

I want to use specialized professional dns-resolvers, like Unbound/dnsmasq/Bind/PowerDNS or etc, for resolving Alfis domains.

Part 1 - export domain database to DNS-resolver compatible config file

I have already a localhosted resolver (in my case - it is Unbound), which used for filtering domains by many adblock lists (where each list - separated config file).
Also, this resolver used for routing domain zones, like onion/exit to Tor DNS-proxy, or i2p/b32 to I2P DNS-proxy.

I want something like:

• start sync of alfis domain lists by cron;
• export domain zones (ygg, yy, etc) to config file, compatibled with one of most popular DNS-resolvers;
• use specialized professional DNS-resolver for resolving Alfis domains, not an Alfis program.

Result may be realized as cron job, like:

alfis-sync -c /etc/alfis.conf && \
  alfis-export -c /etc/alfis.conf --format unbound > /etc/unbound/unbound.alfis.conf && \
  unbound-control reload

Request 1: Please, improve export Alfis domain database to resolver-compatible config file.

I know, that power of Alfis is in number of users, which run Alfis service. But if I use Alfis on my laptop, which configured to block all incoming connections, then no difference for network, how I use Alfis - by cron, or as a service, because my influence to domains database consistency is very insignificant.

Part 2 - separate Alfis to two programs: Alfis-as-domain-manager and Alfis-as-domain-resolver

Alfis as DNS-resolver is young program, was have (see #40), may be have now or will have an errors, which already resolved in professional DNS resolvers, like Unbound/dnsmasq/PowerDNS/Bind.
Also, Alfis dublicate long-established habit of use: filter output domain names by special configured DNS-proxy (/etc/hosts, dnsmasq/unbound, PiHole).
So, dns-resolving part of Alfis have dissonance with long time practice (domain filtering by adblock lists), have not advantage in domain resolving (comparing to professional DNS resolvers), and may be demanded by low count of users.

Request 2: Please, separate Alfis to two programs: Alfis-as-domain-manager and Alfis-as-domain-resolver.
Request 3: Please, remove domain-resolver part of Alfis from main executable program.

[Revertron]

Domains are encrypted. There is no way to export them.

And ALFIS supports ad-blocking by hosts files. You can just place ALFIS before your Unbound, and it will block domains, resolve its domains, and forward all other requests to your unbound/bind/whatever.

[Bogdan107]

Domains are encrypted. There is no way to export them.

Why domain name stored in blockchain only as hashed string?
How about improve option, that allow to store domain name also in plain text for users, who want publicate his domains?

[Bogdan107]

And ALFIS supports ad-blocking by hosts files. You can just place ALFIS before your Unbound, and it will block domains, resolve its domains, and forward all other requests to your unbound/bind/whatever.

I can use Unbound/PiHole to route ygg/yy/mesh zones to Alfis daemon. And then, all resolved ALFIS domains will be stored in unbound cache. And this variant is more optimized for high load, than use ALFIS as first hope DNS server.
I want make unix way: integrate ALFIS to my infrastructure, not integrate my infrastructure to ALFIS...

If I use ALFIS as first hope DNS server, than my DNS statistics will be something like:

• % of resolved domains by ALFIS - 0.0000001;
• % of forwarded domains - 99,999999.
  Usage ALFIS just for forwarding DNS queries - is irrational usage of CPU time...
  And if forwarding will be to another localhosted DNS resolver - it is irrational twice...

[Revertron]

Why domain name stored in blockchain only as hashed string?

This is a defence from very powerfull squatter, that is able to remine your domain while your block is not properly signed.

[Bogdan107]

Why domain name stored in blockchain only as hashed string?

This is a defence from very powerfull squatter, that is able to remine your domain while your block is not properly signed.

Domain lists, like http://[300:529f:150c:eafe::1]/, demanded already. And will be more demanded in future. Thus, in the current design of ALFIS, such resources will be third-party and could potentially create additional work that will not be fully completed and generate some speculations.

How about integrate "domain names directory" in plain text form direct into blockchain?
For example:

• insert table "name2hash" to blockchain database with columns:
  • timestamp_of_publicate::timestamp;
  • domain_name::text;
  • domain_name_hashed::text;
  • owner_signed_hash_of_row::text;
  • private_flag::bool - if this flag is True, than this domain name does not synced with connected ALFIS blockchains;
  • <any other columns>;
• automatically sync "name2hash" tables with all connected ALFIS;
• add "open domain name" command to ALFIS GUI, which publicate domain name in plain text after 3-5 days after finishing of properly signing domain name.

[Revertron]

Domain lists, like http://[300:529f:150c:eafe::1]/, demanded already. And will be more demanded in future.

DNS is not made for search engines or sites directories. Have you heard of privacy? Every domain in ALFIS is private by default. If the owner wishes to make it public, he/she/it will publish links to his services somewhere.

[Bogdan107]

DNS is not made for search engines or sites directories. Have you heard of privacy? Every domain in ALFIS is private by default. If the owner wishes to make it public, he/she/it will publish links to his services somewhere.

Function "publicate my domain name in plain text directly in blockchain after properly singing" has no conflict with "privacy by default".

[Revertron]

after properly singing

Do you wish to mine domains two times? First as "buying" domain, the second time for publication?

[Bogdan107]

Do you wish to mine domains two times? First as "buying" domain, the second time for publication?

I was incorret write: "... registered ... directly in blockchain DATABASE". E.g.: domain registered in blockchain as hashed string in mining process, but added to "name2domain" table in simple way - by "publicate query", which contain a sign string, generated with owner private key (sign string may be quickly checked by public key of owner).

[Revertron]

name2domain

Are you thinking about some parallel to blockchain structure? I think this is possible.

[Bogdan107]

Are you thinking about some parallel to blockchain structure? I think this is possible.

I think just about unix way mode of integrating ALFIS system with my comfortable environment.

If blockchain database store public domain names, than I can export domain lists to my comfort content filtering system, based on DNS system too.
Then:

• publicated domain list from ALFIS will be configured as static zones in my localhosted DNS resolver and resolved from RAM cache more quickly, than current ALFIS way (firs - make hash of domain name, than - resolve hash by searching in file, stored in file system);
• queries to unknown ALFIS domains will be forwarded from localhosted DNS resolver to ALFIS service;
• my content filtering system, based on localhosted DNS resolver, will get a standart way to manage ALFIS domains in usual way (block, forward, rewrite, log, statistics, analytics, etc).