-
-
Notifications
You must be signed in to change notification settings - Fork 503
block lists
Starting from version 1.4.0rc1, you can block or allow lists of domains.
It can be used to block ads, or limit to what domains an application connects to.
-
Create a new rule:
000-block-domains
-
Check
[x] Enable
,[x] Priority
,Duration: always
,[x] To this list of domains
-
Download list of domains of ads to block (choose any directory you wish):
$ mkdir /media/ads-list/
$ wget https://www.github.developerdan.com/hosts/lists/ads-and-tracking-extended.txt -O /media/ads-list/ads-and-tracking-extended.txt
- Visit any website, and filter by the name of the rule
000-block-domains
. You can useblock-test.developerdan.com
which is included in the above list.
We'll create 2 rules:
- one for allow connections from an app to a limited number of domains.
- another one for deny everything from that app.
- Create 2 rules:
000-allow-app
,001-deny-all-from-app
-
000-allow-app
:
Inside /media/app/
write a file with a list of domains the app can connect to in hosts format:
127.0.0.1 xxx.domain.com
Remember that you may need to add the domain without the subdomains (domain.com
, xxx.domain.com
, etc)
-
001-deny-all-from-app
:
- The format of the files must be in hosts format:
0.0.0.0 www.domain.com
127.0.0.1 www.domain.com
- Lines started with # are ignored. Write comments always on a new line, not after a domain.
- The domains
local
,localhost
,localhost.localdomain
andbroadcasthost
are ignored. - Whenever you save the file to disk, OpenSnitch will reload the list.
Lists of ads, tracking, malware, etc that you can use:
https://filterlists.com/ (filter by Syntaxis: hosts)
https://www.github.developerdan.com/hosts/
Please help us make this wiki better.
How to submit changes: https://github.com/evilsocket/opensnitch/blob/wiki/README.md
- Installation
- Getting started
- Configuration
- Compilation
- GUI translations
- FAQs and common errors
- Examples OpenSnitch in action