Compare domain blocking by iptables vs dnsmasq-/etc/hosts

Tags: dns, dnsmasq, iptables

I now use dnsmasq, with a large /etc/hosts file obtained from Energized packs [https://energized.pro/#packs]. Some of these are quite large.

Trying to get info from the dnsmasq team, which is still using a mailing list, not a forum, has been impossible.

1a) Can someone walk me through how dnsmasq resolves an address?
1b) Is it: cache, /etc/hosts, then upstream DNS?
1c) Is /etc/hosts cached in memory in some way?
1d) If not is there a tool/solution that would allow me to reduce lookup latency?

2a) Would iptables filters be faster in blocking a large list of domains/urls [on the order of 150,000+]?
2b) Is there a way to store the huge filter list in memory so iptables is faster? I read something about IPTables-IPv4-DBTarpit.

3) Any advice on other tools with the least latency for blocking IP lookups of a huge list of IP addresses?

I have all this RAM and I'd like to use it.

Best Answer

Better than using /etc/hosts for dnsmasq is to create a configuration with lines like this:

address=/some.adserver.com/127.0.0.1

You can include a generated blocking list file with

conf-file=...

in dnsmasq's main configuration file.

If you search for keywords dnsmasq adblock you may find some detailed instructions.

The "energized" URL in your question also provides configuration files specific for dnsmasq.
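As an added example (not part of the answer above and not dnsmasq project code), the Python below turns an Energized-style hosts file into the address=/name/sink lines the answer recommends, ready to be pulled in with conf-file=. It also drops entries whose parent domain is already listed, because address=/example.net/... already matches every name under example.net, which shrinks lists of the size mentioned in the question; the sample hosts text is constructed.

```python
from typing import Iterable, List

# Constructed sample in the hosts-file format the Energized packs use
# (assumption: "0.0.0.0 <host>" lines, '#' comments, several names per line).
SAMPLE_HOSTS = """\
# Title: Energized-style block list (constructed sample)
127.0.0.1 localhost
0.0.0.0 0.0.0.0
0.0.0.0 ads.example.net
0.0.0.0 example.net   # parent already covers ads.example.net
0.0.0.0 tracker.example.org pixel.example.org
0.0.0.0 ADS.EXAMPLE.NET
"""

# Names found in every hosts file that must never become block rules.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "local", "broadcasthost",
               "ip6-localhost", "ip6-loopback", "0.0.0.0"}

def parse_hosts(text: str) -> List[str]:
    """Return the unique hostnames in hosts-file text, lower-cased, in order."""
    seen, names = set(), []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()       # drop comments, tokenize
        if len(fields) < 2:                          # blank or address-only line
            continue
        for host in fields[1:]:                      # hosts file: <addr> <name>...
            host = host.lower().rstrip(".")
            if host in LOCAL_NAMES or host in seen:
                continue
            seen.add(host)
            names.append(host)
    return names

def collapse_subdomains(names: Iterable[str]) -> List[str]:
    """Drop names whose parent domain is also listed: dnsmasq's
    address=/example.net/... already matches every name under it."""
    wanted = set(names)
    kept = []
    for name in sorted(wanted):
        labels = name.split(".")
        parents = (".".join(labels[i:]) for i in range(1, len(labels)))
        if not any(p in wanted for p in parents):
            kept.append(name)
    return kept

def to_dnsmasq(text: str, sink: str = "127.0.0.1") -> List[str]:
    """Convert hosts-file text into dnsmasq address=/name/sink lines."""
    return [f"address=/{n}/{sink}" for n in collapse_subdomains(parse_hosts(text))]
```

Write the output of to_dnsmasq() to a file and reference it from conf-file=; the sink argument lets you use 0.0.0.0 instead of 127.0.0.1 if you prefer the address the Energized lists themselves use.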
