Ads, who loves them?

Some ads can create visual noise on your screen when all you really want is the content that brought you to that page. Some ads try to hide themselves as the content, leading you away to a bogus webpage.

This needs to stop. But how?

Enter, Hostsblock, Dnsmasq, and Kwakd

Credit: The solution was initially brought to my attention by Jason W Ryan on his blog post Ad Blocking with Hostsblock


Hostsblock

Hostsblock is a bash script for Linux designed to take advantage of the HOSTS file available in all operating systems to provide system-wide blocking of internet advertisements, malicious domains, trackers, and other undesirable content. To do so, it downloads a configurable set of blocklists and processes and their entries into a singular HOSTS file.1

For Archlinux (AUR): hostsblock hostsblock-git

Review PKGBUILD Primarily, look at where the file locations are set under package(). This was important for me as the creator’s blog had different paths.

For Dnsmasq integration, read lines 39 - 66 and follow the steps written there:

vim /var/lib/hostsblock/hostsblock.conf

Uncomment lines 64-66 inclusive which should show:

postprocess() {
    sudo /usr/bin/systemctl reload dnsmasq.service
}

*Note: I’ve customized my hostsblock.conf to enable a blacklist and to source additional filter lists. Read the .conf and make changes as per your needs.


Dnsmasq

Dnsmasq is a lightweight DNS, TFTP, PXE, router advertisement and DHCP server. It is intended to provide couple DNS and DHCP service to a LAN.

Dnsmasq accepts DNS queries and either answers them from a small, local, cache or forwards them to a real, recursive, DNS server.2

For Archlinux install with:

# pacman -Syu dnsmasq

Read: Archwiki-dnsmasq

vim /etc/dnsmasq.conf
 # for hostsblock
 addn-hosts=/var/lib/hostsblock/hosts.block
 listen-address=::1,127.0.0.1
 cache-size=1000

 # Read configuration generated by openresolv
 conf-file=/etc/dnsmasq-openresolv.conf
 resolv-file=/etc/dnsmasq-resolv.conf
 server=8.8.8.8
 server=8.8.4.4

Openresolv

After configuring dnsmasq, you need to add the localhost addresses as the only nameservers in /etc/resolv.conf. This causes all queries to be sent to dnsmasq.

Since dnsmasq is not a recursive DNS server you must set up forwarding to an external DNS server. This can be done automatically by using openresolv or by manually specifying the DNS server address in dnsmasq’s configuration.3

For Archlinux install with:

# pacman -Syu openresolv
vim /etc/resolv.conf

I’ve deleted the contents and only have the following:

# Use the local name server
name_servers="::1 127.0.0.1"

# Write out dnsmasq extended configuration and resolv files
dnsmasq_conf=/etc/dnsmasq-openresolv.conf
dnsmasq_resolv=/etc/dnsmasq-resolv.conf

Kwakd

Kwakd is a very small foot print web server written in C (under 400 lines of code) that serves blank html pages for any request. The request can be arbitrary, may even be invalid, but only its first line will be read and the response will be the same: a blank page consisting of “

”. It is quite easy to change the response to whatever you like though.

Kwakd can be handy if you want to intercept traffic from your client (web browser for example) to annoying sites and direct all such traffic to your local machine.4

For Archlinux (AUR): kwakd