OpenVPN with DNS AdBlocking using Docker# 18 October 2015
OpenVPN and DNS AdBlocking is a useful way to block ads on your smartphone without having to root it. This post describes how to setup such a service on your own server.
The idea is to set a DNS server in your OpenVPN DHCP options to push to clients. The DNS server runs in another Docker container and uses hosts files to block ads, trackers etc.
See https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-14-04 as an example of how to set up an OpenVPN Docker container on a Ubuntu VPS. At the
-n 188.8.131.52so there is only a single placeholder DNS server to overwrite later on. Otherwise your settings will fallback to Google’s secondary DNS.
Setup the DNS container, this uses dnsmasq to block the bad hosts:
git clone https://github.com/arthurkay/sagittarius-A && cd sagittarius-A && ./build.sh
Run the dnsmasq container:
docker rm saga-dns; docker run --restart=always --name=saga-dns --expose 53 --cap-add=NET_ADMIN arthurkay/sagittarius-a &
We expose port 53 explicitly as the file does not currently contain an EXPOSE directive.
Run the OpenVPN container, linking to the saga-dns container:
docker rm openvpn; docker run --restart=always --volumes-from ovpn-data --name openvpn --link saga-dns:saga-dns -p 1194:1194/udp --cap-add=NET_ADMIN kylemanna/openvpn bash -c 'sed -i -E "s/(push dhcp-option DNS).*/\1 $SAGA_DNS_PORT_53_TCP_ADDR/" /etc/openvpn/openvpn.conf && ovpn_run' &
This updates the saga-dns container’s IP in the OpenVPN config before running OpenVPN.
(Hopefully) enjoy much faster browsing and less tracking on your mobile devices.