0xacab.org/warlordsam/vpnhole
Readme
WIP
A self-contained GoLang library that is capable of blocking ads,malwares and trackers using DNS Sinkholing. This libray can be integrated with different pre-existing cross-platform applications.
You can learn more about the project from the blogs at leap.se.
The detailed download and installation guide can be found at official website of Go.
For Linux:
# 1. Download Go Binary Archive
wget https://golang.org/dl/go1.18.4.linux-amd64.tar.gz
# 2. Extract it
tar -xzf go1.18.4.linux-amd64.tar.gz -C /usr/local/
# 3. Add PATH Variables
sudo nano /etc/profile
export PATH=$PATH:/usr/local/go/bin
source /etc/profile
# 4. Check Go Version
go version
You can refer to the official documentation for setting GOPATH.
After installing Go, we need gobind. Gobind is a tool that generates language bindings that make it possible to call Go functions from Java and Objective-C. It is called internally by gomobile which can help us build cross-platform applications.
go install golang.org/x/mobile/cmd/gomobile@latest
# To compile Android APK and IOS Apps
gomobile bind [-target android|ios|iossimulator|macos|maccatalyst] [-bootclasspath <path>] [-classpath <path>] [-o output] [build flags] [package]
To clone and build VPN-Hole Library:
git clone https://0xacab.org/leap/vpn-hole.git
cd vpn-hole
To load all of the packages in the main module:
# If go.mod and go.sum are present then,
# Run
go mod tidy
If go.mod and go.sum are missing from the cloned repository, then:
# go mod init [module-path]
go mod init main
# build the library
go build
An executable binary file would be generated for the library.
On MacOSX Monterey you may encounter an build error like this
/Library/Developer/CommandLineTools/SDKs/MacOSX.sdk/usr/include/pthread.h:328:6: error: macro expansion producing
'defined' has undefined behavior [-Werror,-Wexpansion-to-defined]
/Library/Developer/CommandLineTools/SDKs/MacOSX.sdk/usr/include/pthread.h:197:2: note: expanded from macro
'_PTHREAD_SWIFT_IMPORTER_NULLABILITY_COMPAT'
You can fix it by adapting the compiler flags, e.g. by prefixing go build with CGO_CPPFLAGS="-Wno-error -Wno-nullability-completeness -Wno-expansion-to-defined -Wbuiltin-requires-header".
On Ubuntu if you face an error saying:"Failed to serve DNS server: listen udp :53: bind: permission denied"
# see the services listening on port 53
sudo ss -lp "sport = :domain"
or
sudo lsof -i :53
You can see that Ubuntu has systemd-resolved listening on port 53 by default. This will prevent us from running our own DNS server To disable it temporarily and run our own server
# stop
sudo systemctl stop systemd-resolved
# disable
sudo systemctl disable systemd-resolved
To disable it permanently, uncomment and change DNSStubListener to no in /etc/systemd/resolved.conf; you can revert back everything to default if you stop using the vpn-hole library as a standalone.
Also stop any other service which prevents from listening on port 53. Then, you can simply execute the binary file.
In Windows, an executable named- main.exe would be created.
# executing the binary
main.exe
This would start the network wide DNS-level blocker on port 53.
To check if the blocker is blocking malicious domains from the provided blacklist, run nslookup command and see the response:
# For example: 'adbuddiz.com' is one of the domain in the blacklist
nslookup -port=53 adbuddiz.com localhost
Server: UnKnown
Address: ::1
Non-authoritative answer:
Name: adbuddiz.com
Addresses: ::
0.0.0.0
To integrate the VPN-Hole Library with existing cross-platform applications, we will be using gomobile to compile and bind it.
This project is released under GNU GPLv3 License.See LICENSE file for details.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket is joining forces with CISA and other industry leaders at the RSA Conference to sign the Secure by Design pledge, committing to uphold the highest security standards in our products.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.