Debian 9+ - Take control over DNS using dnsmasq

The following will make it possible to control what domains that can be accessed on a local machine by using a local DNS to filter requests.

Install dnsmasq:

apt-get install dnsmasq

Edit /etc/dnsmasq.d/whatever.conf

# block all sites
address=/#/127.0.0.1
# let these through
server=/example1.com/8.8.8.8
server=/example2.com/8.8.8.8

The first line sends all unknown requests to localhost, the second two lines passes requests through.

Note that you do not need to enter subdomains, example.com will work for both example.com and www.example.com.

Restart dnsmasq to make it re-read settings:

service dnsmasq restart

Disable Network Manager interference with /etc/resolv.conf:

echo -e "[main]\ndns=none" > /etc/NetworkManager/conf.d/no-dns.conf
systemctl restart NetworkManager.service

Edit /etc/resolv.conf, to contain this:

nameserver 127.0.0.1

References:
https://superuser.com/questions/625885/dns-block-all-websites-except-for-whitelisted-sites
https://www.ctrl.blog/entry/resolvconf-tutorial

This is a personal note. Last updated: 2018-05-18 22:25:12.



LinkedIn
Klebe.se

Don't forget to pay my friend a visit too. Joakim