git: 9937d86c0690 - main - dns/dns-blackhole: Add new port

From: Dan Langille <dvl_at_FreeBSD.org>
Date: Thu, 28 Aug 2025 14:26:05 UTC
The branch main has been updated by dvl:

URL: https://cgit.FreeBSD.org/ports/commit/?id=9937d86c06904f32996713aeaa25f978b0fa57f2

commit 9937d86c06904f32996713aeaa25f978b0fa57f2
Author:     Dan Langille <dvl@FreeBSD.org>
AuthorDate: 2025-08-28 14:24:34 +0000
Commit:     Dan Langille <dvl@FreeBSD.org>
CommitDate: 2025-08-28 14:26:02 +0000

    dns/dns-blackhole: Add new port
    
    Use BIND's Response Policy Zone (RPZ) feature to blackhole various DNS
    queries.
---
 dns/Makefile                                       |  1 +
 dns/dns-blackhole/Makefile                         | 41 ++++++++++++++++++++++
 dns/dns-blackhole/distinfo                         |  3 ++
 dns/dns-blackhole/files/901.dns-blackhole.in       | 22 ++++++++++++
 .../files/patch-dns-blackhole.conf.dist            | 20 +++++++++++
 dns/dns-blackhole/pkg-descr                        |  7 ++++
 dns/dns-blackhole/pkg-plist                        |  5 +++
 7 files changed, 99 insertions(+)

diff --git a/dns/Makefile b/dns/Makefile
index 6de9331776a7..2b58160af500 100644
--- a/dns/Makefile
+++ b/dns/Makefile
@@ -19,6 +19,7 @@
     SUBDIR += dhisd
     SUBDIR += dlint
     SUBDIR += dns-ui
+    SUBDIR += dns-blackhole
     SUBDIR += dns2blackhole
     SUBDIR += dns2tcp
     SUBDIR += dnsblast
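Review bot: The new `SUBDIR += dns-blackhole` line is inserted after `dns-ui`, but the surrounding list is kept in alphabetical order and `dns-blackhole` sorts before `dns-ui`. Moving the entry one line up, directly after `SUBDIR += dlint`, keeps the category Makefile sorted and avoids a later reorder-only commit.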
diff --git a/dns/dns-blackhole/Makefile b/dns/dns-blackhole/Makefile
new file mode 100644
index 000000000000..e901d308b556
--- /dev/null
+++ b/dns/dns-blackhole/Makefile
@@ -0,0 +1,41 @@
+PORTNAME=	dns-blackhole
+PORTVERSION=	0.1.0
+CATEGORIES=	dns
+
+MAINTAINER=	dvl@FreeBSD.org
+COMMENT=	Send ads and trackers to a dead-end
+WWW=		https://github.com/morganwdavis/dns-blackhole
+
+USE_GITHUB=	yes
+GH_ACCOUNT=	morganwdavis
+
+NO_BUILD=	yes
+
+BINFILES=	dns-blackhole.sh
+CONFFILES=	dns-blackhole.conf
+DBFILES=	allowed_hosts blocked_hosts
+
+PERIODIC=	${PREFIX}/etc/periodic/daily
+
+SUB_FILES=	901.dns-blackhole
+PLIST_SUB=	PERIODIC=${PERIODIC}
+
+do-install:
+		${MKDIR} ${STAGEDIR}${ETCDIR} ${STAGEDIR}${PERIODIC}
+
+.for f in ${BINFILES}
+		${INSTALL_SCRIPT} ${WRKSRC}/${f} ${STAGEDIR}${PREFIX}/bin
+.endfor
+
+.for f in ${CONFFILES}
+		${REINPLACE_CMD} -e "s:%%PORTNAME%%:${PORTNAME}:g" ${WRKSRC}/${f}.dist
+		${INSTALL_DATA} ${WRKSRC}/${f}.dist ${STAGEDIR}${ETCDIR}/${f}.sample
+.endfor
+
+.for f in ${DBFILES}
+		${INSTALL_DATA} ${WRKSRC}/${f}.dist ${STAGEDIR}${ETCDIR}/${f}.sample
+.endfor
+
+		${INSTALL_SCRIPT} ${WRKDIR}/901.dns-blackhole ${STAGEDIR}${PERIODIC}/
+
+.include <bsd.port.mk>
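Review bot: `do-install` creates only `${STAGEDIR}${ETCDIR}` and `${STAGEDIR}${PERIODIC}` and installs the `allowed_hosts`/`blocked_hosts` samples into `${ETCDIR}`, while this port's own patch to `dns-blackhole.conf.dist` sets `dns_blackhole_dir="/var/db/%%PORTNAME%%"`, described there as the directory holding the config and custom host files. Nothing in this Makefile or in pkg-plist creates `/var/db/dns-blackhole`, so unless the upstream script creates it itself (not visible here), the daily job would look for the host lists in a directory that is missing or that gets created with whatever owner and mode the script's umask yields. Either leave `dns_blackhole_dir` pointing at `${ETCDIR}`, or install the lists under `/var/db/${PORTNAME}` and add a `@dir` entry with explicit owner and mode to pkg-plist. Separately, the `${REINPLACE_CMD}` call edits `${WRKSRC}` during install; a `post-patch:` target is the usual place for it, and `PLIST_SUB= PERIODIC=${PERIODIC}` appears unused because pkg-plist spells out `etc/periodic/daily/` literally.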
diff --git a/dns/dns-blackhole/distinfo b/dns/dns-blackhole/distinfo
new file mode 100644
index 000000000000..b6143ef68deb
--- /dev/null
+++ b/dns/dns-blackhole/distinfo
@@ -0,0 +1,3 @@
+TIMESTAMP = 1756390823
+SHA256 (morganwdavis-dns-blackhole-0.1.0_GH0.tar.gz) = 814ea228695c7054f042b598cb0bec0b893794213c07534e6fb5517f017e541a
+SIZE (morganwdavis-dns-blackhole-0.1.0_GH0.tar.gz) = 5888
diff --git a/dns/dns-blackhole/files/901.dns-blackhole.in b/dns/dns-blackhole/files/901.dns-blackhole.in
new file mode 100755
index 000000000000..4090a5b6d6ea
--- /dev/null
+++ b/dns/dns-blackhole/files/901.dns-blackhole.in
@@ -0,0 +1,22 @@
+#!/bin/sh -
+#
+# $FreeBSD$
+#
+
+if [ -r /etc/defaults/periodic.conf ]; then
+	. /etc/defaults/periodic.conf
+	source_periodic_confs
+fi
+
+case "$dns_blackhole_enable" in
+	[Yy][Ee][Ss])
+
+	echo
+	%%PREFIX%%/bin/dns-blackhole.sh -c /usr/local/etc/dns-blackhole/dns-blackhole.conf update
+	;;
+	*)
+	rc=0
+	;;
+esac
+
+exit $rc
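Review bot: In the enabled branch `rc` is never assigned, so `exit $rc` expands to a bare `exit` and hands periodic(8) the raw exit status of `dns-blackhole.sh` rather than a value on its 0-3 scale; a failed update can then be misreported or go unnoticed in the daily mail. Set it explicitly, for example `%%PREFIX%%/bin/dns-blackhole.sh -c %%ETCDIR%%/dns-blackhole.conf update && rc=0 || rc=3`. The same line hard-codes `/usr/local/etc/dns-blackhole` right next to `%%PREFIX%%`, which breaks under a non-default PREFIX; `%%ETCDIR%%` should be available through the default SUB_LIST. The `$FreeBSD$` tag in the header is no longer expanded and can be dropped.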
diff --git a/dns/dns-blackhole/files/patch-dns-blackhole.conf.dist b/dns/dns-blackhole/files/patch-dns-blackhole.conf.dist
new file mode 100644
index 000000000000..d9569a98163e
--- /dev/null
+++ b/dns/dns-blackhole/files/patch-dns-blackhole.conf.dist
@@ -0,0 +1,20 @@
+--- dns-blackhole.conf.dist.orig	2025-08-18 11:53:06 UTC
++++ dns-blackhole.conf.dist
+@@ -3,7 +3,7 @@
+ #
+ 
+ # Directory in which config and custom host files reside
+-dns_blackhole_dir="/usr/local/etc/dns-blackhole"
++dns_blackhole_dir="/var/db/%%PORTNAME%%"
+ 
+ # Path to your BIND namedb directory where included files go
+ named_includes_dir="/usr/local/etc/namedb"
+@@ -12,7 +12,7 @@ named_zone_files_dir="/usr/local/etc/namedb"
+ named_zone_files_dir="/usr/local/etc/namedb"
+ 
+ # Temporary directory in which to fetch and build zone files
+-tmp_dir="/var/tmp/dns-blackhole"
++tmp_dir="/var/tmp/%%PORTNAME%%"
+ 
+ # The fully qualified hostname of your nameserver
+ dns_server_hostname="localhost"
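Review bot: `tmp_dir="/var/tmp/%%PORTNAME%%"` keeps a fixed, predictable working path inside a world-writable directory, and this port now runs the script unattended from periodic daily, presumably as root. How the script creates and uses that directory is not visible in this commit, but if it does not verify ownership and mode, a local user who creates the path first could influence the zone files that end up in BIND's RPZ. A root-owned location such as `tmp_dir="/var/db/%%PORTNAME%%/tmp"`, or a `mktemp -d` directory created inside the script, removes that dependency.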
diff --git a/dns/dns-blackhole/pkg-descr b/dns/dns-blackhole/pkg-descr
new file mode 100644
index 000000000000..3e6e517ad26d
--- /dev/null
+++ b/dns/dns-blackhole/pkg-descr
@@ -0,0 +1,7 @@
+If you're running your own home network with a Unix-based server, you can
+easily integrate a DNS blackhole into a local BIND DNS service -- and best
+of all, it's completely free. If you're already using BIND and know your
+way around it, you can use this script to manage BIND's Response Policy
+Zone (RPZ) feature. RPZ is designed for DNS firewall/blocking purposes.
+The script should run on *BSD and Linux distros with proper pathnames
+configured. Out of the box, it has a FreeBSD default configuration.
diff --git a/dns/dns-blackhole/pkg-plist b/dns/dns-blackhole/pkg-plist
new file mode 100644
index 000000000000..987d4a410b10
--- /dev/null
+++ b/dns/dns-blackhole/pkg-plist
@@ -0,0 +1,5 @@
+bin/dns-blackhole.sh
+etc/periodic/daily/901.dns-blackhole
+@sample %%ETCDIR%%/allowed_hosts.sample
+@sample %%ETCDIR%%/blocked_hosts.sample
+@sample %%ETCDIR%%/dns-blackhole.conf.sample