{"id":13826235,"url":"https://github.com/bobnisco/adblocking-vpn","last_synced_at":"2026-02-14T17:17:23.121Z","repository":{"id":146581901,"uuid":"84012429","full_name":"BobNisco/adblocking-vpn","owner":"BobNisco","description":"🔒 Create your own VPN server that blocks malicious domains to enhance your security and privacy","archived":false,"fork":false,"pushed_at":"2018-01-04T00:41:08.000Z","size":4,"stargazers_count":164,"open_issues_count":4,"forks_count":24,"subscribers_count":9,"default_branch":"master","last_synced_at":"2024-10-30T18:42:45.665Z","etag":null,"topics":["adblock","dnsmasq","linux","openvpn","privacy","security","vpn","vpn-server"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/BobNisco.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2017-03-06T00:11:12.000Z","updated_at":"2024-08-01T16:54:32.000Z","dependencies_parsed_at":"2023-05-02T18:03:08.547Z","dependency_job_id":null,"html_url":"https://github.com/BobNisco/adblocking-vpn","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BobNisco%2Fadblocking-vpn","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BobNisco%2Fadblocking-vpn/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BobNisco%2Fadblocking-vpn/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BobNisco%2Fadblocking-vpn/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/BobNisco","download_url":"https://codeload.github.com/BobNisco/adblocking-vpn/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225476384,"owners_count":17480215,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["adblock","dnsmasq","linux","openvpn","privacy","security","vpn","vpn-server"],"created_at":"2024-08-04T09:01:34.254Z","updated_at":"2026-02-14T17:17:23.089Z","avatar_url":"https://github.com/BobNisco.png","language":null,"funding_links":[],"categories":["\u003ca id=\"d62a971d37c69db9f3b9187318c3921a\"\u003e\u003c/a\u003e工具"],"sub_categories":["\u003ca id=\"8ea8f890cf767c3801b5e7951fca3570\"\u003e\u003c/a\u003e公网访问局域网"],"readme":"# Roll your own Adblocking VPN\nThis is a how to guide to creating your own VPN server that also blocks malicious domains to enhance your security and privacy while browsing.\n\n## How does this work?\nQuite simply, this guide will set you up with a Linux server that runs OpenVPN, with Dnsmasq, with a modified `hosts` file that routes offending sites to `0.0.0.0`.\n\n## Prerequisites\n- You will need a Debian/CentOS/Ubuntu server to run your OpenVPN server on.\n  - If you don't have one, you can get a low cost VPS from a provider like [Bandwagon Host](https://bandwagonhost.com/aff.php?aff=575\u0026pid=12)\n  - Disclaimer: Wherever you get a server from, be sure you're obeying their TOS. I'm not responsible for anything you do from following this guide.\n\n## Instructions\n1. Get OpenVPN installed on your server. For this, we will use [Nyr](https://github.com/Nyr)'s fantastic [OpenVPN installer script](https://github.com/Nyr/openvpn-install)\n  - `wget https://git.io/vpn -O openvpn-install.sh \u0026\u0026 bash openvpn-install.sh`\n    - Follow the instructions to get it set up, it should take about 1 minute\n    - It will generate an `.ovpn` file which you will use to connect to the VPN with from your client. We'll need this later on, so feel free to `scp` it to your client machine.\n2. Now we're going to overwrite our `hosts` file to route malicious domains to `0.0.0.0` by using [StevenBlack](https://github.com/StevenBlack)'s amazing [hosts](https://github.com/StevenBlack/hosts) project.\n  - `wget https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts -O /etc/hosts`\n3. Install [Dnsmasq](http://www.thekelleys.org.uk/dnsmasq/doc.html)\n  - `sudo apt-get install dnsmasq`\n4. We need to edit the dnsmasq config file to do a few things:\n  - `sudo vim /etc/dnsmasq.conf`\n    - Enable `domain-needed` and `bogus-priv`\n    - Add in some alternative DNS servers (if you don't like the one provided by your host). For this example, we'll add Google DNS\n    ```\n    server=8.8.8.8\n    server=8.8.4.4\n    ```\n    - Tell dnsmasq to listen on both localhost and to the subnet that OpenVPN created\n    ```\n    listen-address=127.0.0.1\n    listen-address=10.8.0.1\n    ```\n5. Edit the OpenVPN config file to resolve dhcp through dnsmasq\n  - `vim /etc/openvpn/server.conf`\n    - Add `push \"dhcp-option DNS 10.8.0.1\"`\n    - Delete any other lines about `\"dhcp-option\"`\n6. Create a crontab entry that updates your hosts file every night at midnight:\n  - `crontab -e`\n    - Add the following line `0 0 * * * wget https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts -O /etc/hosts \u0026\u0026 service openvpn restart`\n7. Restart the services\n  - `sudo service dnsmasq restart \u0026\u0026 sudo service openvpn restart`\n8. At this point, we have an OpenVPN server routing traffic through Dnsmasq, which is checking our hosts file for malicious hosts, and falling back to a DNS provider for non-malicious hosts. Using the `.ovpn` file from earlier, you can now connect to the VPN from your client.\n  - Mac: [Tunnelblick](https://tunnelblick.net/)\n  - iOS: [OpenVPN Connect](https://itunes.apple.com/us/app/openvpn-connect/id590379981)\n  - Android: [OpenVPN Connect](https://play.google.com/store/apps/details?id=net.openvpn.openvpn)\n\n## Adding/Removing Users\nThanks to the thoughtful work on Nyr, we can just use their script from the first step to manage users. It will detect that OpenVPN is already installed and prompt you to Add a new User, Removing existing user, or Remove OpenVPN completely: `wget https://git.io/vpn -O openvpn-install.sh \u0026\u0026 bash openvpn-install.sh`\n\n## License\nThese instructions are licensed under an [MIT License](LICENSE)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbobnisco%2Fadblocking-vpn","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbobnisco%2Fadblocking-vpn","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbobnisco%2Fadblocking-vpn/lists"}