DNS Blacklists

To block unwanted traffic, unbound can be configured to blacklist domains.

Inside /var/unbound/etc/unbound.conf, insert these directives:

local-zone: "www.domain.com" static

You can obtain a list of domains to block using StevenBlack's hosts files. I used the unified hosts + porn + gambling filter to block unwanted content.

$ ftp https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/gambling-porn/hosts

We need to reformat this hosts file:

$ awk '!/^ *#/ && NF' hosts > newhosts # taken from stevenblack's list
$ sed 's/0\.0\.0\.0 \([^#]*\).*$/local-zone: "\1" static/' newhosts > newhosts2
$ sed 's/  "/"/' newhosts2 > newhosts3

Manually check for malformed entries, then put this into /var/unbound/etc/unbound.conf.

Note: You may consider using blacklists from here:

https://dsi.ut-capitole.fr/blacklists/index_en.php https://github.com/4skinSkywalker/anti-porn-hosts-file/blob/master/HOSTS.txt https://mirror1.malwaredomains.com/files/justdomains https://blocklist.site/app/dl/piracy https://blocklist.site/app/dl/torrent https://mirror1.malwaredomains.com/files/justdomains https://github.com/mmotti/pihole-regex/blob/master/regex.list https://blocklist.site/app/dl/porn

The following networks should be banned for copyright infringement:

irc.p2p-network.net irc.gazellegames.net irc.nzbs.in