Skip to content

Latest commit

 

History

History
56 lines (43 loc) · 1.75 KB

README.md

File metadata and controls

56 lines (43 loc) · 1.75 KB

filter

CI CodeQL codecov Go Report Card Go Reference GitHub

Description

The filter plugins enables blocking requests based on predefined lists and rules, creating a DNS sinkhole similar to Pi-Hole or AdGuard.

Features

  • Regex and simple string matching support.
  • Inspection of CNAME, SVCB and HTTPS records detects and blocks cloaking.
  • Block replies are fully cacheable by the cache plugin.

Syntax

filter {
    allow FILE
    block FILE
    uncloak
    ttl DURATION
}
  • allow load FILE to the whitelist.
  • block load FILE to the blacklist.
  • uncloak enables response uncloaking, disabled by default.
  • ttl sets TTL for blocked responses, default is 3600s.

Metrics

If monitoring is enabled (via the prometheus plugin) then the following metric are exported:

  • coredns_filter_blocked_requests_total{server} - count per server

Examples

.:53 {
    filter {
        allow /lists/allowlist.txt
        block /lists/denylist.txt
        uncloak
        ttl 600
    }
    forward . tls://1.1.1.1 tls://1.0.0.1 {
        tls_servername cloudflare-dns.com
    }
}