Local DNS Firewall
A proxy to inspect and mingle locally generated DNS queries. Optional tray icon an Gtk interface.
Inspecting and filtering DNS traffic generated by desktop applications can be tricky. Tools like tcpdump have no way to tell which running process generated a DNS query. Also, Netfilter cannot filter traffic by domain name and many domains resolve to IP addresses that change frequently.
dns-firewall acts as a forwarding DNS resolver. It listens locally on port 53 and forwards only the allowed queries to external resolvers.
It detects the name of the process trying to resolve a domain name and applies filtering rules based on that.
- Block DNS queries by application and domain, or return configurable IP addresses
- Tray icon with activity indicators
- Log window to inspect recent activity
- Optionally resolve names using the Tor network
Create conf.yaml from conf.yaml.example
Binding to UDP port 53 is required. You can run the process as root or install and configure authbind:
sudo apt-get install authbind sudo touch /etc/authbind/byport/53 authbind --depth 2 ./dns_firewall/main.py conf.yaml # or sudo ./dns_firewall/main.py conf.yaml
Add –tray to enable the tray icon and Gtk interface. Left-click on the tray icon to display the log window.
Update your /etc/resolv.conf with “nameserver 127.0.0.1”
In development. Testing and contributions are welcome!