Debian 9+ - Take control over DNS using dnsmasq
The following will make it possible to control what domains that can be accessed on a local machine by using a local DNS to filter requests. Install dnsmasq: apt-get install dnsmasq Edit /etc/dnsmasq.d/whatever.conf # block all sites address=/#/127.0.0.1 # let these through server=/example1.com/18.104.22.168 server=/example2.com/22.214.171.124 The first line sends all unknown requests to localhost, the second two lines passes requests through. Note that you do not need to enter subdomains, example.com will work for both example.com and www.example.com. Restart dnsmasq to make it re-read settings: service dnsmasq restart Disable Network Manager interference with /etc/resolv.conf: echo -e "[main]\ndns=none" > /etc/NetworkManager/conf.d/no-dns.conf systemctl restart NetworkManager.service Edit /etc/resolv.conf, to contain this: nameserver 127.0.0.1 References: https://superuser.com/questions/625885/dns-block-all-websites-except-for-whitelisted-sites https://www.ctrl.blog/entry/resolvconf-tutorial
This is a personal note. Last updated: 2018-05-18 22:25:12.