RPZ zone response delay time ?
Jason Vas Dias
jason.vas.dias at ptt.ie
Fri Apr 7 16:27:38 UTC 2023
Good day -
I have converted the excellent hosts file at
https://someonewhocares.org/hosts/
to a Response Policy Zone (RPZ) file served by my
local named that ends:
*.google-analytics.com A 0.0.0.0
*.clarity.ms A 0.0.0.0
*.adtelligent.com A 0.0.0.0
(there are over 15,000 entries in it).
This serves to speed up my internet accesses about 10 times,
normally, and acts great as an ad+spyware site blocker,
like a do-it-yourself RBL list.
I create a static route at boot-up :
blackhole 0.0.0.0/8
.
But I am finding that some modern sites like YouTube.com in particular
have begun entering an infinite busy loop requesting content from the
AdWare sites, until it succeeds (though it never will on my box),
even if address 0.0.0.0 is returned by DNS .
So now just playing a song on YouTune consumes about 800% CPU time,
unless I am able to copy the Embed Link to an HTML file so as to
avoid loading YouTube's JS libraries (does not work for Ad-Ware
augmented content).
Please, could I request adding an artificial
"Delay All RPZ Zone Responses by N Microseconds"
option ?
I could then delay all my RPZ zone responses by say 6 seconds,
this is enough time for them to time-out and will act as a throttle
on evil JavaScript code such as that employed by YouTube.
I will put something like this as a patch into MY named, I just
wondered if there'd be any interest in adding such a
'DelayRPZResponse' NamedConf option for the standard BIND9 release.
Thanks, Best Regards,
Jason Vas Dias
More information about the bind-users
mailing list