powerful_dns
This is (going to be) powerful dns server.
The concept is taken from PiHole: you can block specific domain, and you can edit blocked domain list from web interface.
The biggest goal of this project is to let machine learning model detect ads domain automatically
Todo
- Implement really basic dns feature
- Employ blacklist based blocking
- Caching
- Query Log
- Web Interface: under dev
- Domain clustering (Session based query log)
- Employ unsupervised machine learning model to detect ads
Installation
For raspi user
Just copy&paste 3 command:)
sudo su
apt update && apt install docker.io -y
docker run -d --name pdns -p 53:53/udp -p 80:80/tcp iamsuk/powerful_dns
After that redis-server & powerful_dns
will immediately start.
check application log using docker exec pdns tail -f /etc/powerful_dns/powerful_dns.log
Or check err log only using docker exec pdns cat /etc/powerful_dns/err.log
For non-raspi user / raspi user who don't like to use docker
NOTE: I assume you have golang install
- Clone repo
git clone https://github.com/iamsuk/powerful_dns.git
or
git clone git@github.com:iamsuk/powerful_dns.git
for ssh.
- Install
bash install.sh
it's going to go build
and place default db/config file in /etc/powerful_dns directory
When you prompt Username/Groupname, type user/group name you want to be owner of /etc/powerful_dns directory
- Daemonize
bash daemon.sh
This will start install powerful_dns previously built and
AND, start/daemonize powerful_dns.service (so that server will immediately start even after machine rebooted)
NOTE: default/powerful_dns.service is written for user "pi". If you are not user "pi", you have to modify default/powerful_dns.service BEFORE bash daemon.sh
, because what daemon.sh does is to copy default/powerful_dns.service to /lib/systemd/system/powerful_dns.service which is going to be referenced by systemd.
Check /var/log/powerful_dns.log to confirm server running
3. Or run manually if you don't want it to be daemonized
type sudo ./powerful_dns
in directory you cloned.
Usage
- Start DNS: check Installation
- Add domain to blacklist: under development
- Add domain to whitelist: udner development
Tested on
Installation for raspi user
- Linux pi 5.10.60-v7+ #1449 SMP Wed Aug 25 15:00:01 BST 2021 armv7l GNU/Linux (Raspbian/3b+)
Installation for non-raspi user
- Kali linux 2020
ChangeLog
- 2021/09/10: domain blocking feature
- 2021/09/10: caching feature
- 2021/09/11: query log feature
- 2021/09/12: support docker installation
Configuration
There's a few things you can configure yourself (you don't have to though)
NOTE:everything should be "written in double quote".
- Upperstream DNS
- IP: the ip of upperstream dns for when local dns (powerful_dns) could not resolve domain
- Port: the port of upperstream. Basically 53
- Local DNS
- Port: the dns port to be listened to by powerful_dns
- Web Server (not implemented yet)
- Port: the http port tobe listened to by powerful_dns
Explanation
What it does
powerful_dns act as dns server.
It can (for now)
- block specific domain listed in gravity.db - blacklist table
- block domain knows as harmful listed in gravity.db - gravity (taken from pihole's default blacklist)
What it is going to be
powerful_dns is going to be provide such a powerful feature listed below
- Web interface to block specific domain easily
- every domain is displayed being clustered. When you visit a single site, it is so often that the site request multiple domains additionally. Web interface is going to cluster domains that are requested sequentially, to make sure you figure out which domain is requested by which, and to block some of them that seems to be ads in no time
- Machine learning ads blocking using naive bayes
- using clustered domains, and by assessing readability of domains, duration from previous domain was requested, and characteristic relation to domains known to be ads, it might be possible to detect which domains are malicious.