Discussion on: DNSmasq-based DNS blocking

p0oker profile image
Pooria A

Thanks I got the idea but not sure local blocking list refers to which concept exactly. Is it the list of domains that I want only to be served from local cache?

Thread Thread
artemis profile image
Diane Author

Basically, dnsmasq (short for dns masquerade) is a DNS proxy / DNS resolver.

The concept of dns-blocking through dnsmasq is configuring dnsmasq to always answer with (an unresolvable but valid IP) to ad / tracking domains.

This is done using the hosts / domains files, or associated configuration rules.

Every ad that you want to block will be set inside the downloaded text files, so dnsmasq will directly answer you with an invalid IP instead of trying to ask upstreams what the real IP address is.

It is a sort of cache, but a purposefully invalid one, for ad domains.

For anything else, it acts as a classic DNS proxy, with customizable caching behaviour and such.

In the domains.txt file, you'll find entries such as the following ones.


The address dnsmasq configuration key says "This domain name format should be resolved to the given address".