OPNsense DNS Blacklist Management

I’m using the OPNsense Unbound DNS feature to intercept DNS queries on the network and perform many tasks, such as forwarding DNS queries through a VPN, blacklisting/whitelisting, etc.
The Unbound DNS blacklist/whitelist gives you protection at the DNS layer against malware, ads, tracking, phishing, etc.
OPNsense provides many layers of protection, such as Suricata, Sensei and Unbound DNS. Each of them handles a different type of threat and has its own mechanisms for dealing with it.
To activate the Unbound DNS blacklist/whitelist, you have to provide lists in IPv4 hosts-file format, which map the unwanted domains you want to block on your network. You can find the lists you want on the FilterLists website.
These lists provide many types of protection, but sometimes they block something you want to allow on your network, and that is the problem: how do you unblock the domains you need from these massive lists and generate a regex to whitelist them in Unbound DNS?
In this article, I will explain my method and the tools I use for this task.
Required Tools
- AstroGrep: a grep utility for Microsoft Windows.
- RegexMagic: a regular expression generator.
Steps
- Download the blocklists to a single directory on your machine.
- Use AstroGrep to search the lists for the domains and sub-domains you want to whitelist.
- Take these domains and sub-domains into RegexMagic and use it to generate the regex to put in the Unbound DNS whitelist field.
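The same three steps can be scripted instead of done by hand in AstroGrep and RegexMagic. The following is an added example (not from the original post or from OPNsense): it parses a hosts-format blocklist, finds every entry that is a given domain or one of its sub-domains, and builds an anchored, escaped regex that whitelists exactly those names, so a look-alike such as notexample-service.com is not unblocked by accident. The blocklist content is constructed for the example.

```python
import re

# Constructed sample in IPv4 hosts-file format, the format the blocklists
# on FilterLists use; these are not real blocklist entries.
SAMPLE_HOSTS = """\
# Title: example blocklist (constructed)
127.0.0.1 localhost
0.0.0.0 ads.tracker-example.net
0.0.0.0 cdn.example-service.com   # a CDN you actually need
0.0.0.0 api.example-service.com
0.0.0.0 example-service.com
0.0.0.0 notexample-service.com
"""

def parse_hosts(text):
    """Return the set of hostnames a hosts-format blocklist sinkholes."""
    blocked = set()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        parts = line.split()
        if len(parts) < 2 or parts[0] not in ("0.0.0.0", "127.0.0.1"):
            continue
        for name in parts[1:]:
            if name != "localhost":
                blocked.add(name.lower().rstrip("."))
    return blocked

def entries_under(blocked, parent):
    """The grep step: every blocked name that is `parent` or a sub-domain of it."""
    parent = parent.lower()
    return sorted(n for n in blocked if n == parent or n.endswith("." + parent))

def whitelist_regex(names):
    """One anchored alternation of escaped names, so only these exact
    hostnames are whitelisted (dots and hyphens are literal)."""
    return "^(?:" + "|".join(re.escape(n) for n in sorted(names)) + ")$"

def matches(pattern, name):
    """Check a hostname against the generated whitelist regex."""
    return re.fullmatch(pattern, name.lower()) is not None

if __name__ == "__main__":
    hits = entries_under(parse_hosts(SAMPLE_HOSTS), "example-service.com")
    print(hits)
    print(whitelist_regex(hits))
```

Paste the printed pattern into the Unbound DNS whitelist field; re-run the script whenever the downloaded lists change, since new sub-domains may have been added.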
Note: You can watch the video below for a live walkthrough of the steps (if you don’t understand Arabic, just watch; what I say in the video is explained here in the article).