block lists
Starting from version 1.4.0rc1, you can block or allow lists of domains.
It can be used to block ads, or limit to what domains an application connects to.
-
Create a new rule:
000-block-domains -
Check
[x] Enable,[x] Priority,Duration: always,[x] To this list of domains
-
Download list of domains of ads to block (choose any directory you wish):
$ mkdir /media/ads-list/
$ wget https://www.github.developerdan.com/hosts/lists/ads-and-tracking-extended.txt -O /media/ads-list/ads-and-tracking-extended.txt
- Visit any website, and filter by the name of the rule
000-block-domains. You can useblock-test.developerdan.comwhich is included in the above list.
We'll create 2 rules:
- one for allow connections from an app to a limited number of domains.
- another one for deny everything from that app.
- Create 2 rules:
000-allow-app,001-deny-all-from-app -
000-allow-app:
Inside /media/app/ write a file with a list of domains the app can connect to in hosts format:
127.0.0.1 xxx.domain.com
Remember that you may need to add the domain without the subdomains (domain.com, xxx.domain.com, etc)
-
001-deny-all-from-app:
- The format of the files must be in hosts format:
0.0.0.0 www.domain.com
127.0.0.1 www.domain.com
- Lines started with # are ignored. Write comments always on a new line, not after a domain.
- The domains
local,localhost,localhost.localdomainandbroadcasthostare ignored. - Whenever you save the file to disk, OpenSnitch will reload the list.
Lists of ads, tracking, malware, etc that you can use:
https://filterlists.com/ (filter by Syntaxis: hosts)
https://www.github.developerdan.com/hosts/