![]() ![]() ![]() ![]() IP_LOOKUP="$(ip route get 8.8.8.8 | awk '" # use $IPv6, if set, otherwise IP_LOOKUP Be sure to change the script/ replace 192.168.0.7 with your Docker host IP address. This is because Docker has a built-in DNS resolver. You can also set DNS1/ DNS2 to be the OpenDNS servers, as outlined here.įinally, on Ubuntu I had to specify the LAN IP address of the Docker host for tcp/ udp port 53 port exposure. Also, note the host-file entries that are passed through to the Docker Container using the “–add-host” Docker run argument. Now create the Docker Container, be sure to change your upstream DNS servers set using the DNS1/ DNS2 arguments and change WEBPASSWORD value. Now create required dnsmasq configuration to force Safe Search (note most guides I found on this neglect to mention requirement to add regional Google URL, in the UK when browsing to com you redirect to co.uk): sudo vi /var/kvm/images/docker/pihole/dnsmasq.d/nfĬname=cname=m.,Ĭname=,Ĭname=,Ĭname=cname=, Sudo mkdir /var/kvm/images/docker/pihole/dnsmasq.d We can use Docker volumes/ mount functionality to persist some data. if you delete the container its contents (including your configuration/ customisation) will be lost. This guide assumes you have Docker installed/ running on Linux, this guide was tested on Ubuntu 17.10.ĭocker Containers are immutable – i.e. The two combined seem to provide a comfortable level of protection for my home network. However, you can use the built-in dnsmasq service to force Safe Search URLs against popular search engines/ YouTube and continue to leverage DNS-based filtering such as OpenDNS Family shield. PiHole is not a web content filter, it is an Ad blocker. Sadly, despite being requested multiple times, OpenDNS Family shield does not provide this functionality – interestingly this seems like a fairly simple capability to offer considering that DNS itself is the mechanism to force Safe Search. Further reading led me to discover that popular search engines/ YouTub provide Safe Search/ Restricted Search-only URLs that have to be set/ configured using DNS CNAMEs – some links that will explain this in more detail (you can skip these if you are looking to configure this capability within PiHole): ![]() I needed to find an effective way to filter content presented by search engines whilst maintaining the excellent block-list functionality that OpenDNS Family Shield provides. As more and more of the Internet goes SSL-only this meant that using one of these options was, potentially, a “depreciating” solution. but when it came to HTTPS/ SSL filtering these all suffer from very limited capabilities or were complex to setup/ configure (requirement for custom CA certificates on devices for starters). I started looking at web content filters such as Privoxy, SquidGaurd, E2Guardian etc. I was already using OpenDNS Family Shield to provide DNS-based filtering via my Internet router (functionality integrated into modern ASUS routers, but you can manually set your DNS servers as outlined here) but this wasn’t sufficient when reviewing search engine results, especially image search results. This is no easy feat, and there is no ‘silver bullet.’ If like me, you have young kids you’ll want to try and protect them from inappropriate content online. That said, any device/ client type can *use* the service once deployed/ configured as outlined below. Its worth noting that Pi-Hole can be deployed on an x86 or ARMHF (Raspberry Pi) Linux platform (i.e. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |