Wrapped in gaffa

Programming, Art, Music, Philosophy, Politics

Archive for February 2009

Local DNS to work around censorship

with one comment

I live in Denmark and unfortunately that’s a country where courts don’t know the laws they judge by. Which means IFPI got through with a nationwide block of the site thepiratebay.org. The Pirate Bay is basically just a huge public torrent tracker, which means many Open Source projects are using it to distribute files (fx. the game Urban Terror) and even the Danish national television were distributing some files through it. I personally used it to distribute the Creative-Commons BBC documentary The Codebreakers for IOSN (a UN Development Programme).

At first I used /etc/hosts and manually entered the IPs, because I didn’t want to use an external DNS service. I don’t trust any outsiders with all my DNS lookups, I want all lookups except the blocked domains to go to my ISP. Unfortunately a static hosts file is just not the same as doing a DNS lookup for this kind of site. Fx. tracker.thepiratebay.org does not point to one single IP, but 8 different IPs. CNAME records like vip.tracker.thepiratebay.org points to tracker.thepiratebay.org. Another problem is when TPB decides to start a new site like trial.thepiratebay.org, then I have to manually add that domain to /etc/hosts after looking it up at TPBs own nameservers.

Today I decided to try a different approach than the static hosts file. I wanted to set up at DNS proxy. I went with pdnsd, which was very easy to set up. All I had to do was to install the packages pdnsd and resolvconf (on Ubuntu 8.04) and add the two entries below to the pdnsd.conf file. The router entry redirects any lookup not pointing at thepiratebay.org and its subdomains to my router. If you’re not using a router you could enter the IPs of your ISPs DNS servers instead of the IP of your router. The tpb entry is simply an entry that looks up any request for thepiratebay.org and its subdomains and nothing else. The servers used are TPBs own name servers.

server {
    label = "router";
    ip = 192.168.1.1;
    exclude = ".thepiratebay.org";
    policy = included;
}
 
server {
    label = "tpb";
    ip = 83.140.176.159
    ,    194.71.107.1
    ,    85.17.40.33
    ,    217.75.120.120
    ;
    include = ".thepiratebay.org";
    policy = excluded;
}
Advertisements

Written by gaffa

2009-02-15 at 19:41

Posted in Copyright, Linux, Politics, Software, Ubuntu

Tagged with