feat: dnscrypt-proxy blocklists

- support names and IPs
- https://github.com/DNSCrypt/dnscrypt-proxy
MDLeom 2021-07-18 09:01:55 +00:00
parent f05b25242c
commit 1bffc0fb47
No known key found for this signature in database
GPG Key ID: 32D3E28E96A695E8
6 changed files with 726241 additions and 0 deletions

@ -13,6 +13,7 @@ There are multiple formats available, refer to the appropriate section according
- [Dnsmasq](#dnsmasq)
- BIND -> BIND [zone](#bind) or [RPZ](#response-policy-zone)
- [Unbound](#unbound)
- [dnscrypt-proxy](#dnscrypt-proxy)
- Internet Explorer -> [Tracking Protection List (IE)](#tracking-protection-list-ie)
- [Snort2](#snort2)
- [Snort3](#snort3)
@ -457,6 +458,78 @@ Lite version (online domains only):
</details>
## dnscrypt-proxy
### Install
```
# Create a new folder to store the blocklist
mkdir -p /etc/dnscrypt-proxy/
# Create a new cron job for daily update
printf '#!/bin/sh\ncurl -L "https://curben.gitlab.io/malware-filter/urlhaus-filter-dnscrypt-blocked-names.txt" -o "/etc/dnscrypt-proxy/urlhaus-filter-dnscrypt-blocked-names.txt"\n' > /etc/cron.daily/urlhaus-filter
printf '\ncurl -L "https://curben.gitlab.io/malware-filter/urlhaus-filter-dnscrypt-blocked-ips.txt" -o "/etc/dnscrypt-proxy/urlhaus-filter-dnscrypt-blocked-ips.txt"\n' >> /etc/cron.daily/urlhaus-filter
# cron job requires execution permission
chmod 755 /etc/cron.daily/urlhaus-filter
```
Configure dnscrypt-proxy to use the blocklist:
``` diff
[blocked_names]
+ blocked_names_file = '/etc/dnscrypt-proxy/urlhaus-filter-dnscrypt-blocked-names.txt'
[blocked_ips]
+ blocked_ips_file = '/etc/dnscrypt-proxy/urlhaus-filter-dnscrypt-blocked-ips.txt'
```
- https://curben.gitlab.io/malware-filter/urlhaus-filter-dnscrypt-blocked-names.txt
- https://curben.gitlab.io/malware-filter/urlhaus-filter-dnscrypt-blocked-ips.txt
<details>
<summary>Mirrors</summary>
- https://cdn.statically.io/gl/curben/urlhaus-filter/master/urlhaus-filter-dnscrypt-blocked-names.txt
- https://glcdn.githack.com/curben/urlhaus-filter/raw/master/urlhaus-filter-dnscrypt-blocked-names.txt
- https://raw.githubusercontent.com/curbengh/urlhaus-filter/master/urlhaus-filter-dnscrypt-blocked-names.txt
- https://cdn.statically.io/gh/curbengh/urlhaus-filter/master/urlhaus-filter-dnscrypt-blocked-names.txt
- https://gitcdn.xyz/repo/curbengh/urlhaus-filter/master/urlhaus-filter-dnscrypt-blocked-names.txt
- https://cdn.jsdelivr.net/gh/curbengh/urlhaus-filter/urlhaus-filter-dnscrypt-blocked-names.txt
- https://cdn.statically.io/gl/curben/urlhaus-filter/master/urlhaus-filter-dnscrypt-blocked-ips.txt
- https://glcdn.githack.com/curben/urlhaus-filter/raw/master/urlhaus-filter-dnscrypt-blocked-ips.txt
- https://raw.githubusercontent.com/curbengh/urlhaus-filter/master/urlhaus-filter-dnscrypt-blocked-ips.txt
- https://cdn.statically.io/gh/curbengh/urlhaus-filter/master/urlhaus-filter-dnscrypt-blocked-ips.txt
- https://gitcdn.xyz/repo/curbengh/urlhaus-filter/master/urlhaus-filter-dnscrypt-blocked-ips.txt
- https://cdn.jsdelivr.net/gh/curbengh/urlhaus-filter/urlhaus-filter-dnscrypt-blocked-ips.txt
</details>
<br />
Lite version (online domains only):
- https://curben.gitlab.io/malware-filter/urlhaus-filter-dnscrypt-blocked-names-online.txt
- https://curben.gitlab.io/malware-filter/urlhaus-filter-dnscrypt-blocked-ips-online.txt
<details>
<summary>Mirrors</summary>
- https://cdn.statically.io/gl/curben/urlhaus-filter/master/urlhaus-filter-dnscrypt-blocked-names-online.txt
- https://glcdn.githack.com/curben/urlhaus-filter/raw/master/urlhaus-filter-dnscrypt-blocked-names-online.txt
- https://raw.githubusercontent.com/curbengh/urlhaus-filter/master/urlhaus-filter-dnscrypt-blocked-names-online.txt
- https://cdn.statically.io/gh/curbengh/urlhaus-filter/master/urlhaus-filter-dnscrypt-blocked-names-online.txt
- https://gitcdn.xyz/repo/curbengh/urlhaus-filter/master/urlhaus-filter-dnscrypt-blocked-names-online.txt
- https://cdn.jsdelivr.net/gh/curbengh/urlhaus-filter/urlhaus-filter-dnscrypt-blocked-names-online.txt
- https://cdn.statically.io/gl/curben/urlhaus-filter/master/urlhaus-filter-dnscrypt-blocked-ips-online.txt
- https://glcdn.githack.com/curben/urlhaus-filter/raw/master/urlhaus-filter-dnscrypt-blocked-ips-online.txt
- https://raw.githubusercontent.com/curbengh/urlhaus-filter/master/urlhaus-filter-dnscrypt-blocked-ips-online.txt
- https://cdn.statically.io/gh/curbengh/urlhaus-filter/master/urlhaus-filter-dnscrypt-blocked-ips-online.txt
- https://gitcdn.xyz/repo/curbengh/urlhaus-filter/master/urlhaus-filter-dnscrypt-blocked-ips-online.txt
- https://cdn.jsdelivr.net/gh/curbengh/urlhaus-filter/urlhaus-filter-dnscrypt-blocked-ips-online.txt
</details>
## Tracking Protection List (IE)
This blocklist includes domains only. Supported in Internet Explorer 9+.
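Review bot: In the Install block of the new dnscrypt-proxy section, both generated `curl -L` lines write straight to the live path under /etc/dnscrypt-proxy/ and omit `-f`, so an HTTP error body or a truncated transfer silently replaces the working blocklist. Suggest downloading to a temporary file and moving it into place only on success, e.g. `curl -fL "<url>" -o "<file>.tmp" && mv "<file>.tmp" "<file>"`, for both the names and the IPs file. The cron script is also assembled by two separate `printf` redirections (`>` then `>>`); a single heredoc would be easier to read and to audit.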
@ -633,6 +706,10 @@ rule-files:
- https://gitlab.com/iosprivacy/urlhaus-filter-mirror/raw/master/urlhaus-filter-rpz-online.conf
- https://gitlab.com/iosprivacy/urlhaus-filter-mirror/raw/master/urlhaus-filter-unbound.conf
- https://gitlab.com/iosprivacy/urlhaus-filter-mirror/raw/master/urlhaus-filter-unbound-online.conf
- https://gitlab.com/iosprivacy/urlhaus-filter-mirror/raw/master/urlhaus-filter-dnscrypt-blocked-names.txt
- https://gitlab.com/iosprivacy/urlhaus-filter-mirror/raw/master/urlhaus-filter-dnscrypt-blocked-names-online.txt
- https://gitlab.com/iosprivacy/urlhaus-filter-mirror/raw/master/urlhaus-filter-dnscrypt-blocked-ips.txt
- https://gitlab.com/iosprivacy/urlhaus-filter-mirror/raw/master/urlhaus-filter-dnscrypt-blocked-ips-online.txt
- https://gitlab.com/iosprivacy/urlhaus-filter-mirror/raw/master/urlhaus-filter.tpl
- https://gitlab.com/iosprivacy/urlhaus-filter-mirror/raw/master/urlhaus-filter-online.tpl
- https://gitlab.com/iosprivacy/urlhaus-filter-mirror/raw/master/urlhaus-filter-snort2-online.rules

@ -303,6 +303,30 @@ sed '1 i\'"$COMMENT_ONLINE"'' | \
sed "1s/Blocklist/Unbound Blocklist/" > "../urlhaus-filter-unbound-online.conf"
## dnscrypt-proxy blocklists
# name-based
cat "malware-hosts.txt" | \
sed '1 i\'"$COMMENT"'' | \
sed "1s/Domains/Names/" > "../urlhaus-filter-dnscrypt-blocked-names.txt"
cat "malware-hosts-online.txt" | \
sed '1 i\'"$COMMENT_ONLINE"'' | \
sed "1s/Domains/Names/" > "../urlhaus-filter-dnscrypt-blocked-names-online.txt"
## IPv4-based
cat "malware-domains.txt" | \
sort | \
grep -E "^([0-9]{1,3}[\.]){3}[0-9]{1,3}$" | \
sed '1 i\'"$COMMENT"'' | \
sed "1s/Domains/IPs/" > "../urlhaus-filter-dnscrypt-blocked-ips.txt"
cat "malware-domains-online.txt" | \
sort | \
grep -E "^([0-9]{1,3}[\.]){3}[0-9]{1,3}$" | \
sed '1 i\'"$COMMENT_ONLINE"'' | \
sed "1s/Domains/IPs/" > "../urlhaus-filter-dnscrypt-blocked-ips-online.txt"
## Temporarily disable command print
set +x
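Review bot: In the IPv4-based pipelines, `grep -E "^([0-9]{1,3}[\.]){3}[0-9]{1,3}$"` accepts any group of one to three digits, so a malformed entry such as 999.1.1.1 would pass into the blocked-ips files; tighten each octet to 0-255 or validate after the grep. When the grep matches nothing (plausible for the online list), the following `sed '1 i\'"$COMMENT"''` emits nothing either, because there is no first line to insert before, so the output file ends up empty and without its header; writing the header first and appending the matches avoids that. The header rewrite here is `1s/Domains/.../` while the Unbound context line above uses `1s/Blocklist/.../`; `$COMMENT` is not visible in this hunk, so please confirm its first line actually contains "Domains", otherwise the substitution is a silent no-op. Minor: the sub-headings are inconsistent (`# name-based` vs `## IPv4-based`), and each `cat file |` can be replaced by passing the file to the first command.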

File diff suppressed because it is too large Load Diff