OPNSense DNS BlackList Management

I’m using OPNSense Unbounded DNS feature for intercepting DNS Queries on the network and perform many tasks like forwarding DNS Queries throw VPN, Blacklist/Whitelist and etc.

Unbounded DNS Blacklist/Whitelist gives you protection at DNS layer against Malware, Ads, Tracking, Phishing, etc.

There is many layers of protections OPNSense provide like Suricata, Sensei & Unbounded DNS. Each one of them handle different type of threats and mechanisms to deal with it.

To activate Unbounded DNS Blacklist/Whitelist, you should provide lists of IPv4 Host files which provide a lookup for unwanted domains you want to block on your network. You can find the lists you want at FilterLists website.

These lists provide many types of protection but sometimes these lists block something you want to enable on your network, and here is the problem. How to unblock the domains you want from these massive lists and generate a RegEx to whitelist the domains in Unbounded DNS.

In this article, i will explain my method and tools i use for such task.

Required Tools

Steps

  • Download the blocking lists on your machine in specific directory together.
  • Use AstroGrep to search for the domains and sub-domains that you want to whitelist.
  • Take these domains and sub-domains in RegexMagic and use it to generate the RegEx to put it in the Unbounded DNS Whitelist Placeholder.

Note: You can watch the down video for the steps live (if you don’t understand Arabic, just watch cause i explained what i say in the video here in the article).

Tutorial Video (Arabic Language)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: