jakenology/Public_Pi-hole

Public Pi-hole Project

Making Pi-hole available to all...

Custom Features

  • Google SafeSearch and Bing Strict Search Options Enforced
  • OpenDNS to block adult content, academic dishonesty, proxies & VPN, etc.
  • DNS Amplification attack protection

UPDATE: PUBLIC PIHOLE PROJECT HAS BEEN SUSPENDED. IF YOU WOULD LIKE TO CONTRIBUTE AND BE A PART OF THE ADBLOCKDNS.NET DOMAIN, PLEASE CONTACT!

I cannot guarantee 100% uptime, but if you encounter any issues or need something whitelisted, please open an issue.

INSTALLATION(S)

IPTABLES PERSISTENT

1. apt update

2. apt install iptables-persistent

3. systemctl enable netfilter-persistent

4. Add your rules

5. invoke-rc.d netfilter-persistent save

COUNTRY BLOCKING

There's an issue, yes, we know. Go here: https://legacy-geoip-csv.ufficyo.com/

The command is: wget -q https://legacy-geoip-csv.ufficyo.com/Legacy-MaxMind-GeoIP-database.tar.gz -O - | tar -xvzf - -C /usr/share/xt_geoip

ONLY ALLOW "GOOD" COUNTRIES

BLOCK ALL OTHER COUNTRIES

ALLOW ALL FROM VPC NETWORK

ALLOW ALL FROM CLOUDFLARE CDN

BLOCK ALL OTHERS

iptables -A INPUT -s 0.0.0.0/0 -j DROP

DNS AMPLIFICATION ATTACKS

iptables -A INPUT -p udp --dport 53 -m string --from 40 --algo bm --hex-string '|0000FF0001|' -m recent --set --name dnsanyquery

iptables -A INPUT -p udp --dport 53 -m string --from 40 --algo bm --hex-string '|0000FF0001|' -m recent --name dnsanyquery --rcheck --seconds 60 --hitcount 3 -j DROP

iptables -A INPUT -p tcp --dport 53 -m string --from 52 --algo bm --hex-string '|0000FF0001|' -m recent --set --name dnsanyquery

iptables -A INPUT -p tcp --dport 53 -m string --from 52 --algo bm --hex-string '|0000FF0001|' -m recent --name dnsanyquery --rcheck --seconds 60 --hitcount 3 -j DROP
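What the UDP pair of rules matches and when it starts dropping, as an added Python model (not code from this repository). It assumes the `--from 40` offset is counted from the start of a 20-byte IPv4 header with no options (20 IP + 8 UDP + 12 DNS header); the class and function names and the sample traffic are constructed for illustration.

```python
import struct
from collections import defaultdict

# End of QNAME (root label 00) + QTYPE 00FF (ANY) + QCLASS 0001 (IN)
PATTERN = bytes.fromhex("0000FF0001")

def dns_query(name, qtype):
    """Build a one-question DNS query message (12-byte header + question)."""
    header = struct.pack("!HHHHHH", 0x1234, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def udp_packet(dns):
    """Prefix zeroed 20-byte IPv4 and 8-byte UDP headers (constructed placeholders)."""
    return bytes(20) + bytes(8) + dns

def string_match(packet, start=40):
    """Model of `-m string --from 40`: search from byte 40 of the packet onward."""
    return PATTERN in packet[start:]

class RecentList:
    """Model of `-m recent --name dnsanyquery`: rule 1 (--set), then rule 2 (--rcheck)."""
    def __init__(self, seconds=60, hitcount=3):
        self.seconds, self.hitcount = seconds, hitcount
        self.stamps = defaultdict(list)

    def verdict(self, src, packet, now):
        if not string_match(packet):
            return "PASS"                # neither rule applies; later rules decide
        self.stamps[src].append(now)     # rule 1: --set records the source, no target
        recent = [t for t in self.stamps[src] if t >= now - self.seconds]
        # rule 2: DROP once the source has hitcount entries inside the window
        return "DROP" if len(recent) >= self.hitcount else "PASS"

def replay(events):
    """events: (time_seconds, source_ip, qname, qtype) tuples -> list of verdicts."""
    fw = RecentList()
    return [fw.verdict(src, udp_packet(dns_query(q, t)), ts) for ts, src, q, t in events]

# Constructed traffic: one source repeats ANY queries, another sends a normal A query.
SAMPLE = [(0, "203.0.113.7", "example.com", 255), (1, "203.0.113.7", "example.com", 255),
          (2, "203.0.113.7", "example.com", 255), (3, "198.51.100.9", "example.com", 1),
          (70, "203.0.113.7", "example.com", 255)]

if __name__ == "__main__":
    for event, verdict in zip(SAMPLE, replay(SAMPLE)):
        print(event, verdict)
```

Because `--set` runs before `--rcheck` on the same packet, the third ANY query inside 60 seconds is the first one dropped, and dropped queries keep refreshing the list, so a sustained flood stays blocked until the source goes quiet.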