Roland's homepage

My random knot in the Web

De-facebook your internet

date: 2021-10-22
modified: 2021-12-04
reading time: 3 min.
category: howto
tags: DNS

Since I do not enjoy being a product for facebook to monetize, I’ve decided to de-facebook the internet, at least for me.

This article assumes you’re running your own DNS server. The code in this article can generate configuration data for dnsmasq and unbound.

The consumer versions os ms-windows don’t come with a DNS server, and most of the good ones do not run on it. If you are using ms-windows, I suggest using a pi-hole <https://pi-hole.net/> on your home network as a DNS server.

Who is facebook?

There are a lot of different domains that belong to facebook. In this article I’m using this list as a source for such domains. It is saved as a text file named facebook.com.

Or one could use e.g. curl to download the list:

curl -o facebook.com \
https://raw.githubusercontent.com/jmdugan/blocklists/master/corporations/facebook/all

Since I want to filter on domains, not individual hosts, we have to filter that list. I’m using Python to do that.

from collections import Counter

# Read the data file, remove IP addresses.
with open("facebook.com") as fbl:
    lines = [ln[7:].strip() for ln in fbl]

# Find the domains.
domains = [".".join(ln.split(".")[-2:]) for ln in lines]

# Count the occurences of each domain.
domains = Counter(domains)

# Make list of domains that occur more than once
domains = [k for k, v in domains.items() if v > 1]

# Give some the benefit of doubt.
domains = sorted(set(domains) - set(("edgekey.net", "akamaihd.net")))

print("# output for dnsmasq")
for dom in domains:
    print(f"address=/{dom}/")

print("\n# output for unbound")
print("server:")
for dom in domains:
    print(f'  local-zone: "{dom}" always_nxdomain')

This results in the following configuration snippets.

For dnsmasq:

address=/cdninstagram.com/
address=/edgesuite.net/
address=/facebook.com/
address=/facebook.de/
address=/facebook.fr/
address=/facebook.net/
address=/fb.com/
address=/fbcdn.com/
address=/fbcdn.net/
address=/fbsbx.com/
address=/freebasics.com/
address=/instagram.com/
address=/internet.org/
address=/online-metrix.net/
address=/tfbnw.net/
address=/thefacebook.com/
address=/whatsapp.com/
address=/whatsapp.net/

This form of address returns NXDOMAIN for the domain and all subdomains and hosts.

For unbound:

server:
    local-zone: "cdninstagram.com" always_nxdomain
    local-zone: "edgesuite.net" always_nxdomain
    local-zone: "facebook.com" always_nxdomain
    local-zone: "facebook.de" always_nxdomain
    local-zone: "facebook.fr" always_nxdomain
    local-zone: "facebook.net" always_nxdomain
    local-zone: "fb.com" always_nxdomain
    local-zone: "fbcdn.com" always_nxdomain
    local-zone: "fbcdn.net" always_nxdomain
    local-zone: "fbsbx.com" always_nxdomain
    local-zone: "freebasics.com" always_nxdomain
    local-zone: "instagram.com" always_nxdomain
    local-zone: "internet.org" always_nxdomain
    local-zone: "online-metrix.net" always_nxdomain
    local-zone: "tfbnw.net" always_nxdomain
    local-zone: "thefacebook.com" always_nxdomain
    local-zone: "whatsapp.com" always_nxdomain
    local-zone: "whatsapp.net" always_nxdomain

The form local-zone: <domain> always_nxdomain means that the query for any hosts and subdomains is always answered with NXDOMAIN.


For comments, please send me an e-mail.


Related articles


←  Installing Openstreetmap data on a Garmin zūmo 340LM Simple viewer for STEP files on UNIX  →