Page MenuHomeMy privacy DNS

Recursor Server
Updated 79 Days AgoPublic

l /etc/powerdns/

conf/
recursor.conf

l /etc/powerdns/conf/

allow-from.conf
auth-domains.conf
recursor.lua

recursor.conf

cat /etc/powerdns/recursor.conf

allow-from-file=/etc/powerdns/conf/allow-from.conf

any-to-tcp=no

api-key=SecretKey

carbon-interval=30
carbon-namespace=ns0
carbon-ourname=mypdns
carbon-instance=org
carbon-server=37.252.122.50

config-dir=/etc/powerdns

config-name=ns0.dns.matrix.rocks
daemon=yes

dnssec-log-bogus=yes

dnssec=process

edns-subnet-whitelist=some.domains.tld
use-incoming-edns-subnet=yes

forward-zones-file=/etc/powerdns/conf/auth-domains.conf

hint-file=/usr/share/dns/root.hints

local-address=0.0.0.0,::
local-port=5301
query-local-address6=::
reuseport=yes

log-common-errors=no
log-rpz-changes=yes
log-timestamp=yes
# loglevel=6
quiet=no
trace=on

lowercase-outgoing=no

lua-config-file=/etc/powerdns/conf/recursor.lua

root-nx-trust=yes

server-id=ns0.recursor.matrix.rocks

setgid=pdns
setuid=pdns

tcp-fast-open=10

version-string=ns0.recursor.matrix.rocks 0.01a

# webserver
webserver=yes
webserver-address=0.0.0.0
webserver-allow-from=0.0.0.0/0,::/0
webserver-password=!YouWish
webserver-port=8082
write-pid=yes

xpf-allow-from=127.0.0.0/8,::1,1.2.3.4

xpf-rr-code=65422

recursor.lua

cat conf/recursor.lua

adult.mypdns.cloud
rpzPrimary(
        { 
        "[2a01:4f9:c010:2166::53]:53",
        "[2a01:4f8:1c1c:abe4::53]:53",
        "195.201.225.97:5306",
        "95.216.166.138:5306"
        },
        "adult.mypdns.cloud",
        {
        refresh="60"
        }
)
adware.mypdns.cloud
rpzPrimary(
        { 
        "[2a01:4f9:c010:2166::53]:53",
        "[2a01:4f8:1c1c:abe4::53]:53",
        "195.201.225.97:5306",
        "95.216.166.138:5306"
        },
        "adware.mypdns.cloud",
        {
        refresh="60"
        }
)
coinblocker.srv
rpzPrimary(
        { 
        "[2600:1f18:215e:b701:8624:5523:94aa:f163]:53",
        "[2a05:d014:1bf:db01:c11:ab37:1f20:3358]:53",
        "35.156.219.71",
        "34.194.195.25"
        },
        "coinblocker.srv",
        {
        refresh="60"
        }
)
drop.ip.dtq
rpzPrimary(
        {
        "[2a01:4f9:c010:2166::53]:53",
        "[2a01:4f8:1c1c:abe4::53]:53",
        "195.201.225.97:5306",
        "95.216.166.138:5306"
        },
        "drop.ip.dtq",
        {
        refresh="60"
        }
)
gambling.mypdns.cloud
rpzPrimary(
        { 
        "[2a01:4f9:c010:2166::53]:53",
        "[2a01:4f8:1c1c:abe4::53]:53",
        "195.201.225.97:5306",
        "95.216.166.138:5306"
        },
        "gambling.mypdns.cloud",
        {
        refresh="60"
        }
)
malicious.mypdns.org
-- Stop malicious software from running on your network
rpzPrimary(
        {"2a01:4f9:c010:2166::53",
        "[2a01:4f8:1c1c:abe4::53]:53",
        "95.216.166.138:5306",
        "195.201.225.97:5306"
        },
        "malicious.mypdns.cloud",
        {refresh="600",
        axfrTimeout="60"
        }
)
pirated.mypdns.cloud
rpzPrimary(
        {
        "[2a01:4f9:c010:2166::53]:53",
        "[2a01:4f8:1c1c:abe4::53]:53",
        "195.201.225.97:5306",
        "95.216.166.138:5306"
        },
        "pirated.mypdns.cloud",
        {
        refresh="600"
        }
)
torblock.srv
rpzPrimary(
        {
        "[2600:1f18:215e:b701:8624:5523:94aa:f163]:53",
        "[2a05:d014:1bf:db01:c11:ab37:1f20:3358]:53",
        "35.156.219.71",
        "34.194.195.25"
        },
        "torblock.srv",
        {
        refresh="60"
        }
)
tracking.mypdns.cloud
rpzPrimary(
        {
        "[2a01:4f9:c010:2166::53]:53",
        "[2a01:4f8:1c1c:abe4::53]:53",
        "195.201.225.97:5306",
        "95.216.166.138:5306"
        },
        "tracking.mypdns.cloud",
        {
        refresh="600"
        }
)
typosquatting.mypdns.cloud
rpzPrimary(
        {
        "[2a01:4f9:c010:2166::53]:53",
        "[2a01:4f8:1c1c:abe4::53]:53",
        "195.201.225.97:5306",
        "95.216.166.138:5306"
        },
        "typosquatting.mypdns.cloud",
        {
        refresh="600",
        axfrTimeout="600"
        }
)
rpz.urlhaus.abuse.ch
rpzPrimary(
        {
        "[2a01:4f9:c010:2166::53]:53",
        "[2a01:4f8:1c1c:abe4::53]:53",
        "195.201.225.97:5306",
        "95.216.166.138:5306"
        },
        "rpz.urlhaus.abuse.ch",
        {refresh="300", axfrTimeout="60"}
)
whitelist.mypdns.cloud
rpzPrimary(
        {
        "[2a01:4f9:c010:2166::53]:53",
        "[2a01:4f8:1c1c:abe4::53]:53",
        "195.201.225.97:5306",
        "95.216.166.138:5306"
        },
        "whitelist.mypdns.cloud",
        {refresh="60",
        axfrTimeout="600"}
)
porn.host.srv
-- Be aware that this Response Policy Zone is lacking good quality
-- Maintanace as it is holding a huge number of FP (False Positives)

rpzPrimary(
        {
        "[2600:1f18:215e:b701:8624:5523:94aa:f163]:53",
        "[2a05:d014:1bf:db01:c11:ab37:1f20:3358]:53",
        "35.156.219.71",
        "34.194.195.25"
        },
        "porn.host.srv",
        {refresh="60"}
)
safesearch.mypdns.cloud
-- Do to the size of this zone you should add this as the last one
rpzPrimary(
        {
        "[2a01:4f9:c010:2166::53]:53",
        "[2a01:4f8:1c1c:abe4::53]:53",
        "195.201.225.97:5306",
        "95.216.166.138:5306"
        },
        "safesearch.mypdns.cloud",
        {refresh="60"}
)
spam.mypdns.cloud
-- Do to the size of this zone you should add this as the last one
rpzPrimary(
        {
        "[2a01:4f9:c010:2166::53]:53",
        "[2a01:4f8:1c1c:abe4::53]:53",
        "195.201.225.97:5306",
        "95.216.166.138:5306"
        },
        "spam.mypdns.cloud",
        {refresh="60"}
)
spyware.mypdns.cloud
-- Stop SpyWare from running on your network
rpzPrimary(
        {"2a01:4f9:c010:2166::53",
        "[2a01:4f8:1c1c:abe4::53]:53",
        "95.216.166.138:5306",
        "195.201.225.97:5306"
        },
        "spyware.mypdns.cloud",
        {refresh="600",
        axfrTimeout="60"
        }
)
rpz.mypdns.cloud
-- Do to the size of this zone you should add this as the last one
rpzPrimary(
        {
        "[2a01:4f9:c010:2166::53]:53",
        "[2a01:4f8:1c1c:abe4::53]:53",
        "195.201.225.97:5306",
        "95.216.166.138:5306"
        },
        "rpz.mypdns.cloud",
        {refresh="60", axfrTimeout="600", zoneSizeHint="650000"}
)

See also: DNS Setup, DNS Ixfrdist, Authoritative Server, Dnsdist

Last Author
Spirillen
Last Edited
May 16 2021, 2:35 AM