Public Repository

Last pushed: 3 years ago
Short Description
Lightweight, zeroconf dnsmasq advertising and malware blackhole
Full Description

This is built on the brilliant Alpine-base dnsmasq container by andyshinn which you can find here:

You will want port 53 exposed, and the container needs NET_ADMIN or it will crash on startup.

Try: docker run -p 53:53/tcp -p 53:53/udp --cap-add=NET_ADMIN arthurkay/sagittarius-a

To log blocking use a separate container running a very light httpd (to log hits, user agents, IPs, etc), then a third to parse and display the logs for that.

Assuming Alpine sources ARM binaries for dnsmasq, this would run snappily on a Raspberry Pi. You could probably even get a pretty log console running mostly off of client-JS with something like and a working knowledge of web development.

Developer's usage case is running on a VPN to provide a way to block ads (and malware!) at the system level for smartphones without voiding any warranties (as iOS and Android protect the hosts files).

Configuration happens at build time, see link for source files and to build your own version with alternative blocking

Hosts file inputs through the build script are untrusted, meaning if the hosts files try to redirect facebook/google/banking to imposter sites they will just be blocked.

Docker Pull Command