[GH-ISSUE #1209] [Advice Needed] Looking to build a friendly UI and schedule domain disabling for Home/Business networks #628

Open
opened 2026-03-15 23:32:05 +03:00 by kerem · 1 comment
Owner

Originally created by @rrichardson on GitHub (Sep 18, 2020).
Original GitHub issue: https://github.com/hickory-dns/hickory-dns/issues/1209

First, thanks for building such an amazing set of libraries and tools! This is a pretty amazing body of work. Also, apologies in advance for the length of this message.

Question setup: Living the COVID lifestyle, I have 3 young kids at home that conduct 90% of their school curriculum on a computer. They find themselves being distracted by the multitude of gaming websites out on the interwebs instead of doing their schoolwork.

I'd like to be able to create a DNS server for home use that can fail-to-resolve a number of deny-listed domains during a pre-set schedule. I plan to build a UI in Sauron or Yew that would provide a simple way to schedule domains to be disabled at fixed times of the day/week. I figure this could also be useful for businesspeople who find themselves drifting to Reddit or Facebook too often.

Question A: It seems to me that what I'm asking for is a way to build a DNS server that intentionally returns incorrect answers. I can think of 2 ways to do this:

  1. Use the more traditional DNS server approach with DDNS Updates, where this server pretends to be authoritative for every zone I am trying to deny. It just has incorrect records during certain times of the day.
  2. Execute the DNS request/response as normal, but hook the response and check against my deny-list, and if the domain is blocked, rewrite the response with a fake response.

In both cases, I am guessing that the server would have to insist on executing only recursive queries.

Question B: What would be the best strategy for executing dynamic updates on a DNS server that is also a web server? It seems like a DNS server that returns incorrect answers.

I guess this depends on answer 0. If I'm using option 2, then I would just use the DNS Server lib and add my custom hooks, then I'd link in Warp or some other HTTP framework library to serve the Web UI portion.

If it is going to option 1, and issue dynamic updates, should I use RFC2136 from the Client (Linking the client in with the server) or is there an API in the server to directly update the zone DB records?


@bluejekyll commented on GitHub (Sep 18, 2020):

This is possible and in fact many people have done work in this area. You can find blackhole lists [here](https://en.wikipedia.org/wiki/Comparison_of_DNS_blacklists). From there you can probably find some examples for implementing with others.

I think you are asking for an interesting feature which is a time based period for these lists to be activated. I haven't looked into a lot of this at this point.

For trust-dns, we have some things started in this area, but I'd say there are still some gaps, for example, here is the [forwarding configuration](https://github.com/bluejekyll/trust-dns/blob/main/tests/test-data/named_test_configs/example_forwarder.toml) (which is part of what you'd need for this).

We have some similar requests from the past: #13
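
Added example, not part of the issue thread and not hickory-dns/trust-dns code: the decision a response hook (option 2 in the question) would have to make, combining a deny-list matched on DNS label boundaries with the time-based activation discussed above. `Window`, `Policy`, `blocks` and the domain `games.example` are hypothetical names constructed for illustration; wiring the check into a server or forwarder is not shown.

```rust
use std::collections::HashSet;

/// Weekly window: days are 0 = Monday .. 6 = Sunday, times are minutes since midnight.
/// `end <= start` means the window runs past midnight into the next day.
pub struct Window { pub days: [bool; 7], pub start: u16, pub end: u16 }

impl Window {
    pub fn contains(&self, day: usize, minute: u16) -> bool {
        if self.start < self.end {
            self.days[day] && minute >= self.start && minute < self.end
        } else {
            // Overnight: the late part belongs to `day`, the early part to the day before.
            (self.days[day] && minute >= self.start)
                || (self.days[(day + 6) % 7] && minute < self.end)
        }
    }
}

pub struct Policy { pub denied: HashSet<String>, pub windows: Vec<Window> }

impl Policy {
    /// True when a window is active and the query name equals a denied domain
    /// or is a subdomain of one. Matching walks whole labels, so a deny entry
    /// "games.example" does not catch "notgames.example".
    pub fn blocks(&self, qname: &str, day: usize, minute: u16) -> bool {
        if !self.windows.iter().any(|w| w.contains(day, minute)) {
            return false;
        }
        // DNS names are case-insensitive and may carry a trailing root dot.
        let name = qname.trim_end_matches('.').to_ascii_lowercase();
        let mut rest = name.as_str();
        loop {
            if self.denied.contains(rest) { return true; }
            match rest.find('.') {
                Some(i) => rest = &rest[i + 1..],
                None => return false,
            }
        }
    }
}

/// Constructed sample: deny games.example on weekdays, 08:00 to 15:00.
pub fn sample_policy() -> Policy {
    let weekdays = [true, true, true, true, true, false, false];
    Policy {
        denied: vec!["games.example".to_string()].into_iter().collect(),
        windows: vec![Window { days: weekdays, start: 480, end: 900 }],
    }
}

fn main() {
    println!("{}", sample_policy().blocks("Play.Games.Example.", 0, 600));
}
```

A name for which `blocks` returns true would get the substitute answer; everything else is forwarded unchanged.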