web front end using Mojolicious Lite

I originally trying to get pi-hole running on FreeBSD but got frustrated part way through porting it. It relies heavily on bash, PHP, and Javascript. Technologies I am not terrible interested in.

The whole program is rather simple it just downloads files ad lists from websites and loads them into dnsmasq. This effectively disables access to the domain by routing traffic to another domain (local host or the dnsmasq server on the LAN).

The most interesting part is that you can then pull statistics from the dnsmasq log file and get internet usage data or help find evidence of malware on your PCs or mobiles.

I got a bit carried away and after creating a simple dns adblocker then went on to create a web front end using Mojolicious Lite.

The website is bare bones so far but allows you to select a date to get statistics for each date:

Screenshot_2018-04-01_12-15-18.png

It currently will limit the generation of files from a query to one per hour to prevent overloading my poor router. It has reasonable error handling. I would like to add a date picker and authentication.

It has so far helped me to identify data collection from Telstra:

2018-02-2802-bd.png

If you look at the most blocked domain for the 28th of March it’s ‘secure-dcr.imrworldwide.com’.

Following hard coding the DNS servers into each device to get more specific data regarding who was performing DNS queries I saw the following line in a “tail -f ” of my logfile:

Apr 1 01:48:05 dnsmasq[6259]: 97661 192.168.0.8/49536 /usr/local/etc/dnsmasq.d/blocklist.txt secure-dcr.imrworldwide.com is 192.168.0.2

This was from my mobile phone! What the heck.

After doing some research I found out mention that Telstra use this domain for data collection. I still had the “Telstra 24/7” app installed on my mobile. After removing it the queries stopped!

I feel even more paranoid than ever.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s