apple-touch-icon

l1x/dev

Elixir Ads Filter (ελάφι)

ελάφι

What is this?

Elafi is a DNS proxy that filters out unwanted content by returning 0.0.0.0 to the A and ::/0 to AAAA requests that try to resolve ad/spam/malware domains.

In my home network this is roughly 10 - 30% of traffic depending on the part of the day and what devices are active. I find it outrageous that I have to look at ads on a device that I purchased, using my internet connection that I paid for and spend CPU time (producing CO2) to look at completely irrelevant ads, sometimes even malware installers.

I really like Pihole but it has more dependencies that I am comfortable with (dnsmasq, lighttpd, php, Bootstrap 3.x, etc.).

Apps

The apps currently starting up with Elafi:

Dependecies

I try to not to use any dependecies.

  defp deps do
    [
      {:elli, "~> 3.2"}
    ]
  end

DNS

This is the current flow of incoming DNS packets:

Dns Proxy Flow

Link

Message Format

All communications inside of the domain protocol are carried in a single format called a message. The top level format of message is divided into 5 sections (some of which are empty in certain cases) shown below:

+---------------------+
|        Header       |
+---------------------+
|       Question      | the question for the name server
+---------------------+
|        Answer       | RRs answering the question
+---------------------+
|      Authority      | RRs pointing toward an authority
+---------------------+
|      Additional     | RRs holding additional information
+---------------------+

Header + Question must be included for both request and reponse. Answer can be compressed with pointers to the question section.

Example query and response without pointers:

                     +-----------------------------------------+
       Header        |          OPCODE=IQUERY, ID=123          |
                     +-----------------------------------------+
      Question       |  QTYPE=A, QCLASS=IN, QNAME=WEB.MIT.EDU  |
                     +-----------------------------------------+
       Answer        |                 <empty>                 |
                     +-----------------------------------------+
      Authority      |                 <empty>                 |
                     +-----------------------------------------+
     Additional      |                 <empty>                 |
                     +-----------------------------------------+


                     +-----------------------------------------+
       Header        |         OPCODE=RESPONSE, ID=123         |
                     +-----------------------------------------+
      Question       |  QTYPE=A, QCLASS=IN, QNAME=WEB.MIT.EDU  |
                     +-----------------------------------------+
       Answer        |       WEB.MIT.EDU A IN 104.96.143.80    |
                     +-----------------------------------------+
      Authority      |                 <empty>                 |
                     +-----------------------------------------+
     Additional      |                 <empty>                 |
                     +-----------------------------------------+                         
Pcap

bytes:

0000   b8 27 eb a8 3d a3 dc a6 32 75 b6 86 08 00 45 00   .'..=...2u....E.
0010   00 36 13 a2 00 00 40 11 e2 ed c0 a8 01 6e c0 a8   .6....@......n..
0020   01 69 ae 33 00 35 00 22 34 53 14 83 01 00 00 01   .i.3.5."4S......
0030   00 00 00 00 00 00 04 72 70 69 34 03 6c 61 6e 00   .......rpi4.lan.
0040   00 01 00 01                                       ....

bytes:

  0000   dc a6 32 75 b6 86 b8 27 eb a8 3d a3 08 00 45 00   ..2u...'..=...E.
  0010   00 46 97 0e 40 00 40 11 1f 71 c0 a8 01 69 c0 a8   .F..@.@..q...i..
  0020   01 6e 00 35 ae 33 00 32 2b b7 14 83 81 80 00 01   .n.5.3.2+.......
  0030   00 01 00 00 00 00 04 72 70 69 34 03 6c 61 6e 00   .......rpi4.lan.
  0040   00 01 00 01 c0 0c 00 01 00 01 00 00 05 d1 00 04   ................
  0050   c0 a8 01 6e                                       ...n

https://www.zytrax.com/books/dns/ch15/#header

Question

https://www.zytrax.com/books/dns/ch15/#question

Answer

https://www.zytrax.com/books/dns/ch15/#answer

Authority

https://www.zytrax.com/books/dns/ch15/#authority

Additional

https://www.zytrax.com/books/dns/ch15/#additional

Resources