⚡️ fast dns proxy that can run anywhere, built to black-hole internet advertisements and malware servers
Clone or download
looterz Merge pull request #50 from techno9487/add-DoH-support
Add support for DNS over HTTPS
Latest commit e292b0e Nov 12, 2018
Permalink
Failed to load latest commit information.
testdata Added testdata so that updater_test.go passes Oct 8, 2018
.travis.yml Update .travis.yml Aug 16, 2017
Dockerfile expose port 8080 for web ui Feb 11, 2018
LICENSE updated license Apr 28, 2016
README.md Update README.md Aug 16, 2017
activation.go Make linter happier Oct 8, 2018
api.go Added the possibility of retrieving query cache with a timestamp Oct 30, 2018
cache.go Added the possibility of retrieving query cache with a timestamp Oct 30, 2018
cache_test.go Added the possibility of retrieving query cache with a timestamp Oct 30, 2018
config.go Merge pull request #50 from techno9487/add-DoH-support Nov 13, 2018
go.mod Update versions in go.mod, go.sum. In particular, miekg/dns 1.0.12 wa… Nov 4, 2018
go.sum Update versions in go.mod, go.sum. In particular, miekg/dns 1.0.12 wa… Nov 4, 2018
grimd_test.go initial commit Apr 18, 2016
handler.go Add support for DNS over HTTPS Oct 29, 2018
logger.go Add SIGHUP handling to support logrotate Nov 11, 2018
logger_test.go Better tests for log level parsing Oct 28, 2018
main.go Add SIGHUP handling to support logrotate Nov 11, 2018
resolver.go Add support for DNS over HTTPS Oct 29, 2018
server.go Merge branch 'blocklist_state' of github.com:emdioh/grimd into blockl… Oct 9, 2018
updater.go Async mode working. Reload still hangs the API server Oct 8, 2018
updater_test.go Small refactor to the list files parser, added a parser test Oct 7, 2018
utils.go Added the possibility of retrieving query cache with a timestamp Oct 30, 2018

README.md

grimd

Travis Go Report Card GoDoc

⚡️ Fast dns proxy that can run anywhere, built to black-hole internet advertisements and malware servers.

Based on kenshinx/godns and miekg/dns.

Installation

go get github.com/looterz/grimd

You can also download one of the releases, detailed guides and resources can be found on the wiki.

Configuration

If grimd.toml is not found, it will be generated for you, below is the default configuration.

# version this config was generated from
version = "1.0.2"

# list of sources to pull blocklists from, stores them in ./sources
sources = [
"http://mirror1.malwaredomains.com/files/justdomains",
"https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts",
"http://sysctl.org/cameleon/hosts",
"https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist",
"https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt",
"https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt",
"http://hosts-file.net/ad_servers.txt",
"https://raw.githubusercontent.com/quidsup/notrack/master/trackers.txt"
]

# list of locations to recursively read blocklists from (warning, every file found is assumed to be a hosts-file or domain list)
sourcedirs = [
"sources"
]

# location of the log file
log = "grimd.log"

# what kind of information should be logged, 0 = errors and important operations, 1 = dns queries, 2 = debug
loglevel = 0

# address to bind to for the DNS server
bind = "0.0.0.0:53"

# address to bind to for the API server
api = "127.0.0.1:8080"

# ipv4 address to forward blocked queries to
nullroute = "0.0.0.0"

# ipv6 address to forward blocked queries to
nullroutev6 = "0:0:0:0:0:0:0:0"

# nameservers to forward queries to
nameservers = ["8.8.8.8:53", "8.8.4.4:53"]

# concurrency interval for lookups in miliseconds
interval = 200

# query timeout for dns lookups in seconds
timeout = 5

# cache entry lifespan in seconds
expire = 600

# cache capacity, 0 for infinite
maxcount = 0

# question cache capacity, 0 for infinite but not recommended (this is used for storing logs)
questioncachecap = 5000

# manual blocklist entries
blocklist = []

# manual whitelist entries
whitelist = [
	"getsentry.com",
	"www.getsentry.com"
]

# When this string is queried, toggle grimd on and off
togglename = ""

# If not zero, the delay in seconds before grimd automaticall reactivates after
# having been turned off.
reactivationdelay = 300

Building

Requires golang 1.7 or higher, you build grimd like any other golang application, for example to build for linux x64

env GOOS=linux GOARCH=amd64 go build -v github.com/looterz/grimd

Web API

A restful json api is exposed by default on the local interface, allowing you to build web applications that visualize requests, blocks and the cache. reaper is the default grimd web frontend.

reaper-example

Speed

Incoming requests spawn a goroutine and are served concurrently, and the block cache resides in-memory to allow for rapid lookups, while answered queries are cached allowing grimd to serve thousands of queries at once while maintaining a memory footprint of under 15mb for 100,000 blocked domains!

Daemonize

You can find examples of different daemon scripts for grimd on the wiki.