So for everyone willing to try this.
I took the guide jklaas posted and combined it with other info in the thread to make a beginner guide.
1). First open /etc/config/resolver with a text editor such as vi:
vi /etc/config/resolver
Look for the following:
config resolver 'kresd'
	option rundir '/tmp/kresd'
	option log_stderr '1'
	option log_stdout '1'
	option forks '1'
	#option include_config '/tmp/kresd.custom.conf'
	#option hostname_config '/etc/hosts'
And change it to:
config resolver 'kresd'
	option rundir '/tmp/kresd'
	option log_stderr '1'
	option log_stdout '1'
	option forks '1'
	option include_config '/etc/kresd/custom.conf'
	#option hostname_config '/etc/hosts'
Also look for the following:
config resolver 'common'
	list interface '0.0.0.0'
	list interface '::0'
	option port '53'
	option keyfile '/etc/root.keys'
	option verbose '0'
	option msg_buffer_size '4096'
	option msg_cache_size '20M'
	option net_ipv6 '1'
	option net_ipv4 '1'
	option forward_upstream '1'
	option prefered_resolver 'kresd'
	option ignore_root_key '0'
	option prefetch 'yes'
And change it to the following:
config resolver 'common'
	list interface '0.0.0.0'
	list interface '::0'
	option port '53'
	option keyfile '/etc/root.keys'
	option verbose '0'
	option msg_buffer_size '4096'
	option msg_cache_size '20M'
	option net_ipv6 '1'
	option net_ipv4 '1'
	option forward_upstream '0'
	option prefered_resolver 'kresd'
	option ignore_root_key '0'
	option prefetch 'yes'
2). Open /etc/kresd/custom.conf with a text editor:
vi /etc/kresd/custom.conf
Add the following lines to the file, in the order specified:
policy.add(policy.rpz(policy.DENY, '/etc/kresd/blacklist.rpz'))
policy.add(policy.all(policy.FORWARD('8.8.8.8')))
policy.add(policy.all(policy.FORWARD('8.8.4.4')))
3). Create a script file called “generate_blacklist.sh” in the following location /usr/local with the following command:
vi /etc/kresd/generate_blacklist.sh
Add the following text/script:
#!/bin/bash
# Path of the RPZ zone file that custom.conf loads with policy.rpz
blacklistfile="/etc/kresd/blacklist.rpz"
# Write the zone header (this overwrites any previous blacklist)
cat > "$blacklistfile" <<EOF
\$TTL 60
@ IN SOA localhost. root.localhost. (
        2 ; serial
        3H ; refresh
        1H ; retry
        1W ; expiry
        1H) ; minimum
        IN NS localhost.
EOF
# Download the lists, de-duplicate them, and append two records per domain:
# one for the domain itself and one wildcard record for its subdomains
{
wget -q 'http://malwaredomains.lehigh.edu/files/immortal_domains.txt' -O - | grep -v \#; \
wget -q 'http://pgl.yoyo.org/adservers/serverlist.php?hostformat=nohtml&showintro=1&startdate%5Bday%5D=&startdate%5Bmonth%5D=&startdate%5Byear%5D=&mimetype=plaintext' -O - ; \
wget -q 'http://malwaredomains.lehigh.edu/files/BOOT' -O - | grep PRIMARY | cut -d " " -f 2; \
} | sort -u | sed -e 's/.*/\0\tCNAME\t.\n*.\0\tCNAME\t./' >> "$blacklistfile"
# Make kresd pick up the new blacklist
/etc/init.d/kresd reload
4). Make the above script executable with the following command:
chmod +x /etc/kresd/generate_blacklist.sh
5). Create a cronjob to execute the above script. Make a cronjob with the following command:
crontab -e
And add the following line:
6 1 * * 3 /etc/kresd/generate_blacklist.sh
That should be all…
Please give love/thanks to jklaas, cabal, Leonardo and all others that helped in this thread
P.S. If I made any mistakes, please let me know and I’ll correct them asap
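Added example, not part of the original post or of the Turris/kresd project: the lists in step 3 are fetched over plain HTTP and written into the zone file as-is, so this sketch treats them as untrusted input, keeps only syntactically valid hostnames, and replaces the blacklist only when enough entries survive. The function names, the minimum-entry threshold and the temp-file naming are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: validate list entries before they become RPZ records.
# All function names here are hypothetical, not from the guide.

# stdin: raw list lines; stdout: lower-cased, de-duplicated valid hostnames.
# Lines with spaces, zone-file directives, IP addresses or bad labels are dropped.
filter_domains() {
    tr 'A-Z' 'a-z' | tr -d '\r' |
    sed -e 's/#.*//' -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' |
    grep -E '^([a-z0-9_]([a-z0-9_-]{0,61}[a-z0-9_])?\.)+[a-z]([a-z0-9-]{0,61}[a-z0-9])?$' |
    awk 'length($0) <= 253' | sort -u
}

# Emit the same two records per domain that the guide's sed command writes.
to_rpz() {
    awk '{ printf "%s\tCNAME\t.\n*.%s\tCNAME\t.\n", $0, $0 }'
}

# Same zone header as the guide's script.
zone_header() {
    cat <<'EOF'
$TTL 60
@ IN SOA localhost. root.localhost. (
        2 ; serial
        3H ; refresh
        1H ; retry
        1W ; expiry
        1H) ; minimum
        IN NS localhost.
EOF
}

# $1 = file with downloaded lines, $2 = zone file, $3 = minimum domain count.
# Returns 1 and leaves the existing zone untouched if too few domains survive
# (for example when a download failed or returned an error page).
build_blacklist() {
    rec="$2.rec.$$"
    filter_domains < "$1" | to_rpz > "$rec"
    count=$(( $(wc -l < "$rec") / 2 ))
    if [ "$count" -lt "$3" ]; then
        rm -f "$rec"
        return 1
    fi
    { zone_header; cat "$rec"; } > "$2.new.$$" && mv "$2.new.$$" "$2"
    rm -f "$rec"
}
```

To use it, save the combined wget output to a temporary file, call build_blacklist on it, and run the kresd reload only when it returns 0.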