TheGreatWall

Prevent program and malware to bypass DNS filter by using DoH (by Sekhan)

TheGreatWall Alternatives

Similar projects and alternatives to TheGreatWall

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better TheGreatWall alternative or higher similarity.

TheGreatWall reviews and mentions

Posts with mentions or reviews of TheGreatWall. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-02-24.
  • Restrict DNS resolution to pihole only
    3 projects | /r/pihole | 24 Feb 2023
    Here's lists: https://github.com/Sekhan/TheGreatWall
    3 projects | /r/pihole | 24 Feb 2023
    shouldn't be that hard, just load one of these... https://github.com/Sekhan/TheGreatWall https://github.com/oneoffdallas/dohservers
  • AdGuard Home and dealing with DoH
    4 projects | /r/Adguard | 17 Mar 2022
    I run Pfsense and am able to block most common DoH services. I’m sure you will be able to configure similar options on opnsense. The best way to do this is a DNS block through AGH and an IP block with opnsense. Firefox provides what domains to block to disable their DoH, https://support.mozilla.org/en-US/kb/configuring-networks-disable-dns-over-https. You can also add these two lists to block most other common DoH services, https://github.com/oneoffdallas/dohservers, https://github.com/Sekhan/TheGreatWall. These lists will work with AGH for DNS blocking and for IP blocking aliases. If you have any Apple devices on your network you can use these domains to block private relay, https://raw.githubusercontent.com/Rogacz/private-relay/main/pr2.txt. I recommend you add these private relay domains as a custom entry in AGH to return NXDOMAIN so that the device shows that private relay is unavailable versus using a NULL response where it will say it’s available when it really isn’t. With these lists added to DNS blocklists as well as IP blocklists I have seen almost no DoH services getting through. The only service that I’ve experienced getting through the rules so far is Next DNS since it uses different IPs depending on what is fastest for your location, making it harder to block. I found a way to discover the IPs for their servers near you and will edit the post if I find the instructions again. Also make sure to completely block port 853 to block DoT. Lastly using these instructions from Pfsense, you can redirect or block all DNS queries that aren’t destined for your AGH instance. The instructions should be transferable to opnsense.
  • Blocklist for DNS over HTTPS?
    4 projects | /r/pihole | 22 Oct 2021
  • How long until Google [and others] use https://8.8.8.8 internally, and hence bypass Pi-Hole?
    2 projects | /r/pihole | 28 Jun 2021
  • Adguar home question
    2 projects | /r/Adguard | 23 Mar 2021
    Original: https://github.com/Sekhan/TheGreatWall
  • Android defaults to 8.8.8.8 as secondary DNS with Pi-hole as DHCP server
    2 projects | /r/pihole | 19 Mar 2021
    Another test is android also offers Private DNS under advanced settings if set to automatic it will send requests to google DoH, turn this off and see if that changes anything. You could also add the The Great Wall DoH pihole blocklist to see if that helps too: https://github.com/Sekhan/TheGreatWall/blob/master/TheGreatWall.txt
  • A note from our sponsor - WorkOS
    workos.com | 29 Mar 2024
    The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →

Stats

Basic TheGreatWall repo stats
11
101
0.0
over 1 year ago
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com