Blocking DNS requests by type

Question

Blocking DNS requests by type

gUstrx opened this issue 5 months ago · comments

gUstrx commented 5 months ago

Thanks for the software, it's the best!

Please add a function for blocking DNS requests by type. DNS blocking type 65 (https) is very necessary.

analog ||*^$dnstype=HTTPS adguard home

Andrey Meshkov · Answer 1 · Tue Mar 05 2024 15:53:22 GMT+0800 (China Standard Time)

Hi, our approach is the following: dnsproxy is just a DNS forwarder and we intend to keep it this way.
All kinds of advanced filtering is available in AdGuard Home which is built on top of dnsproxy.

gUstrx · Answer 2 · Fri Mar 08 2024 04:22:16 GMT+0800 (China Standard Time)

Hi, our approach is the following: dnsproxy is just a DNS forwarder and we intend to keep it this way. All kinds of advanced filtering is available in AdGuard Home which is built on top of dnsproxy.

But you are already blocking the "ANY" type, I just ask you to expand the list.

Blocking just two types AAAA and Type65 reduces unnecessary requests by 66% and increases responsiveness without using the large adguardhome package.

dnsproxy is used much more often than adguardhome.

#[feature request]

Andrey Meshkov · Answer 3 · Sat Mar 09 2024 17:10:27 GMT+0800 (China Standard Time)

Well, refuse_any is a part of a DNS amplification protection feature list, kind of a must have for any DNS server.

Anyways, I'd say the real feature request here is moving the filtering features from AdGuard Home to dnsproxy.

Maybe at some point we'll decide to change the current approach, but at the moment duplicating functionality seems like an overkill. Why wouldn't you use AGH instead of dnsproxy? It can be configured to work as a pure no-UI DNS filtering solution.