# LOGGING FILE. DEPRECIATED. All error and status messages go to stdout now. # Redirect to a logfile on the command line, e.g.: ## /usr/bin/hostsblock &>/var/log/hostsblock.log # CACHE DIRECTORY. Directory where blocklists will be downloaded and stored. # They will only be updated if the server has a newer version. cachedir="/var/cache/hostsblock" # DEFAULT # WORK DIRECTORY. Temporary directory where interim files will be unzipped and # processed. This directory will be deleted after hostsblock completes itself. tmpdir="/dev/shm" # DEFAULT # FINAL HOSTSFILE. The final hosts file that combines together all downloaded # blocklists. If not using a dns caching daemon like dnsmasq, this should be # /etc/hosts. Include hosts file entries which you want to maintain in the # "hostshead" entry, such as your loopback device (e.g. 127.0.0.1 localhosts) #hostsfile="/etc/hosts.block" # For use with a dnscacher, e.g dnsmasq hostsfile="/etc/hosts" # DEFAULT. If not using a dns caching daemon # REDIRECT URL. Url to which blocked hosts will be redirect, either 0.0.0.0 or # 127.0.0.1. This replaces any entries to 0.0.0.0 and 127.0.0.1. If you run a # pixelserver such as pixelserv or kwakd, it is advisable to use 127.0.0.1. redirecturl="127.0.0.1" # DEFAULT # ALLOW REDIRECTS. Give "1" here to allow entries from blocklists that redirect # rather than just block. Redirects present a certain security hazard, so make # sure that you trust your blocklist providers if you give "1" here. Redirects # allow those who have corrupted DNS servers to access sites not available # otherwise. redirects="0" # DEFAULT # POSTPROCESSING SUBROUTINE. Commands to run after the new hostsfile has been # created. You may configure your dnscacher here (see example), or use the new # automatic detection routine. #postprocess(){ # # systemctl restart dnsmasq.service # For dnsmasq under systemd #} # #postprocess(){ # # /bin/true # DEFAULT. If not using a dns caching daemon #} # # HEAD FILE. File containing hosts file entries which you want at the beginning # of the resultant hosts file, e.g. for loopback devices and IPV6 entries. Use # your original /etc/hosts file here if you are writing your final blocklist to # /etc/hosts so as to preserve your loopback devices. Give hostshead="0" to # disable this feature. For those targeting /etc/hosts, it is advisable to copy # their old /etc/hosts file to this file so as to preserve existing entries. hostshead="0" # DEFAULT #hostshead="/etc/hostsblock/hosts.head" # If not using dns caching. # BLACKLISTED SUBDOMAINS. File containing specific subdomains to blacklist which # may not be in the downloaded blacklists. Be sure to provide not just the # domain, e.g. "google.com", but also the specific subdomain a la # "adwords.google.com" without quotations. blacklist="/etc/hostsblock/black.list" # WHITELIST. File containing the specific subdomains to allow through that may # be blocked by the downloaded blocklists. In this file, put a space in front of # a string in order to let through that specific site (without quotations), e.g. # " www.example.com" will unblock "http://www.example.com" but not # "http://subdomain.example.com". Leave no space in front of the entry to # unblock all subdomains that contain that string, e.g. ".dropbox.com" will let # through "www.dropbox.com", "dl.www.dropbox.com", "foo.dropbox.com", # "bar.dropbox.com", etc. whitelist="/etc/hostsblock/white.list" #### NEW PARAMETERS #### # CONNECT_TIMEOUT. Parameter passed to curl. Determines how long to try to # connect to each blocklist url before giving up. connect_timeout=60 # DEFAULT # RETRY. Parameter passed to curl. Number of times to retry connecting to # each blocklist url before giving up. retry=0 # DEFAULT # BACKUP_OLD. Save old hosts.block file. Passing "0" or "no" here has hostsblock # NOT backup the old hosts.block file. Passing "1" or "yes" here has hostsblock # save an uncompressed copy of hosts.block. Passing a compression command with # gzip-compatible syntax has hostsblock save a compressed copy of hosts.block. # By default, hostsblock attempts to save a gzip-compressed copy. If it can't # find gzip, it makes no backup. # backup_old="gzip" # DEFAULT # RECYCLE_OLD. If, for some reason, new downloaded blocklists contain fewer # entries than previous versions, this option allows hostsblock to recycle the # old main blocklist (e.g. hosts.block) so that old entries are preserved. In # effect, the old hosts.block file becomes another downloaded blocklist. # 1 = hostsblock WILL recycle old hosts.block, 0 = hostsblock will NOT. recycle_old=1 # DEFAULT # VERBOSITY. How much info hostsblock should provide while running. Follows # the following scheme: ### Level 0: Only fatal errors ### Level 1: Level 0 + non-fatal errors ### Level 2: Level 1 + updates to cache files ### Level 3: Level 2 + narration of each major phase ### Level 4: Level 3 + step-by-step details of all processes ### Level 5: Level 4 + stdout/stderr from sub-processes like curl, zip, 7za, etc. verbosity=1 # DEFAULT # ANNOTATE. File where hostsblock will save information on which blocklist files # affect which urls. Needed for hostsblock-urlcheck. annotate=/var/lib/hostsblock.db.gz # BLOCKLISTS. List all blocklists to be downloaded as an array.Files may be # either plaintext, zip, or 7z files. Hostsfiles will identify zip and 7z files # by their file extension. blocklists=( ## HIGHLY RECOMMENDED LISTS 'http://winhelp2002.mvps.org/hosts.zip' # anti-ad and anti-malware list (winhelp2002.mvps.org/hosts.htm) 'http://pgl.yoyo.org/as/serverlist.php?hostformat=hosts&mimetype=plaintext' # anti-ad (pgl.yoyo.org/adservers/) 'http://hosts-file.net/download/hosts.zip' # hpHosts main anti-ad and anti-malware (hosts-file.net/) 'http://www.malwaredomainlist.com/hostslist/hosts.txt' # anti-malware (www.malwaredomainlist.com/) 'http://hosts-file.net/ad_servers.txt' # anti-ads-only version of hpHosts main list (hosts-file.net) ## RECOMMENDED LISTS 'http://hosts-file.net/hphosts-partial.asp' # hpHosts inter-release (hosts-file.net/) 'http://hostsfile.org/Downloads/BadHosts.unx.zip' # anti-malware (hostsfile.org/hosts.html) 'http://hostsfile.mine.nu/Hosts.zip' # anti-ad (hostsfile.mine.nu) 'http://someonewhocares.org/hosts/hosts' # anti-ad and anti-malware (someonewhocares.org/hosts/) 'http://sysctl.org/cameleon/hosts' # anti-ad (sysctl.org/cameleon/) ## OPTIONAL LISTS #'http://hosts-file.net/download/yahoo_servers.zip' # hpHosts for yahoo adservers (hosts-file.net/) #'http://abp.mozilla-hispano.org/nauscopio/hosts.zip' # supplemented version of someonewhocares.org list (https://nauscopio.wordpress.com/category/filtrado/) #'http://rlwpx.free.fr/WPFF/htrc.7z' # anti-trackers (very large) (rlwpx.free.fr/WPFF) #'http://rlwpx.free.fr/WPFF/hpub.7z' # anti-advertising (very large) (rlwpx.free.fr/WPFF) #'http://rlwpx.free.fr/WPFF/hrsk.7z' # anti-malware (very large) (rlwpx.free.fr/WPFF) #'http://rlwpx.free.fr/WPFF/hsex.7z' # anti-porn (very large) (rlwpx.free.fr/WPFF) #'http://rlwpx.free.fr/WPFF/hmis.7z' # miscellaneous sites to be blocked (rlwpx.free.fr/WPFF) ## LISTS WITH REDIRECTIONS. Enable redirects="1" to enable, and also uncomment #'http://rlwpx.free.fr/WPFF/hblc.7z' # redirections for phished sites (rlwpx.free.fr/WPFF) )