On 4/24/19, David Wright <deb...@lionunicorn.co.uk> wrote: > [I presume that replying only to me was a mistake.]
Nope, responding to your "my /etc/hosts file has ~14000 lines" didn't seem all that germane to the thread. & not that this is either, but if you'd prefer to keep it on the list I don't mind. > On Tue 23 Apr 2019 at 10:38:41 (-0400), Lee wrote: >> On 4/22/19, David Wright <deb...@lionunicorn.co.uk> wrote: >> > On Sun 21 Apr 2019 at 20:30:53 (-0700), pe...@easthope.ca wrote: >> >> From: David Wright <deb...@lionunicorn.co.uk> >> >> Date: Sun, 21 Apr 2019 16:13:11 -0500 >> >> > Does the behaviour reported in your OP cause you *great* concern? >> >> >> >> No. Just wastes time. Opening a simple local HTML home page requires >> >> roughly a minute rather than roughly a second. >> > >> > I tend to forget that, because my /etc/hosts file has ~14000 lines, >> > pages appear a lot faster here. >> >> Have you looked at bind's dns rpz? > > Just now. > >> http://zytrax.com/books/dns/ch7/rpz.html >> It lets you do things like >> *.2o7.net CNAME . >> *.doubleclick.net CNAME . >> >> to block entire domains instead of having to list each and every >> hostname in the domain. >> >> And you can log what is blocked/allowed to make troubleshooting easier > > It might be a good *mechanism* for the diversion itself, but AFAICT > it's aimed at the *policy* implementers rather than the end-user. Just out of curiosity - do you think pi-hole is aimed at policy implementers or end users? > The value I get from Dan Pollock is the list of sites rather than the > most elegant mechanism for handling that list. Looking at the comments > in the list, and by comparing evolving versions, it does appear that > Dan actively "opens holes" where people report interference or > difficulties using certain legitimate sites. > > Finally, I wouldn't know where to start to compile a list of sites > like that. https://dnsrpz.info/ If you're a business, you can buy access to an rpz feed. If you're a [home?] network admin it's simple enough to enable logging & see what all is allowed that you'd rather have blocked. And/or grab things like Dan Pollock's list and turn them into an rpz file. I just don't like the size & the churn in curated host files - I'd rather have a single line *.advertisingdomain.tld and have them all blocked vs. the maybe hundreds of lines blocking each specific host. Regards, Lee
