Subscribing to blacklists

General discussions about Little Snitch
jamesdornan
Posts: 1
Joined: Mon Jun 18, 2018 11:19 pm

Subscribing to blacklists

Postby jamesdornan » Mon Jun 18, 2018 11:21 pm

Any idea how to add this list:

https://pgl.yoyo.org/adservers/serverli ... ttlesnitch

It's supposedly in the correct format, but I'm guessing for a previous version of Little Snitch?

Thanks!

the-gog
Posts: 6
Joined: Fri Jun 15, 2018 6:10 pm

Re: Subscribing to blacklists

Postby the-gog » Mon Jun 18, 2018 11:44 pm

Easiest way would be to run a Pi Hole on your network. This list would go into that, if it's not already in it.

Edit – it wasn't, but is in mine now:

Image

Many thanks for finding it.

mcgroarty
Posts: 16
Joined: Sun Apr 13, 2014 1:02 am

Re: Subscribing to blacklists

Postby mcgroarty » Tue Jun 19, 2018 5:23 pm

jamesdornan wrote:Any idea how to add this list:

https://pgl.yoyo.org/adservers/serverli ... ttlesnitch

It's supposedly in the correct format, but I'm guessing for a previous version of Little Snitch?


That list appears to be in the format you would use if you were permanently importing the set of rules. From comments on the site, their support for the Little Snitch format far predates the subscription format.

You could email them and let them know that Little Snitch now supports subscriptions and see if they want to work with you on adding a Little Snitch Subscription Format.

iFrankZagarino
Posts: 5
Joined: Fri Jun 22, 2018 1:46 pm

Re: Subscribing to blacklists

Postby iFrankZagarino » Sun Jun 24, 2018 10:21 am

Mentioned it in another post.
I found a list from someone who converted the Hosts-Files from StevenBlack-Hosts into LittleSnitch rulesets

https://github.com/naveednajam/Little-Snitch---Rule-Groups

But so far I cannot recommend to use it, because in my case LS is not able to handle such a big amount of connectionrules (70000) and crashes. Network Monitor stops working and Configurations are hard to manage.

christian
Objective Development
Objective Development
Posts: 1442
Joined: Thu Nov 09, 2006 11:46 am

Re: Subscribing to blacklists

Postby christian » Mon Jun 25, 2018 10:54 am

Which version of Little Snitch do you use? We are aware of this problem and have therefore limited the maximum amount of domains/hosts which can be referenced in a subscription to 10,000. This is in the final 4.1, so you're probably running an older nightly release.

If you upgrade, please upgrade to 4.1.1 nightly. It still has the limit, but contains a couple of fixes which may be relevant to you.

dflkgsnp
Posts: 1
Joined: Mon Jun 25, 2018 8:24 pm

Re: Subscribing to blacklists

Postby dflkgsnp » Mon Jun 25, 2018 8:26 pm

How can I fix 10,000 limit on 4.1.1?

christian
Objective Development
Objective Development
Posts: 1442
Joined: Thu Nov 09, 2006 11:46 am

Re: Subscribing to blacklists

Postby christian » Mon Jun 25, 2018 10:12 pm

You can't fix it at the moment. Parts of the code use algorithms with computing time proportional to the square of the number of hosts/domains. We have to identify all those code places and find alternative algorithms, if possible.

For the moment, providers of managed rules must either make a selection (choose only the most important set of rules) or optimize the list (e.g. merge hosts in the same domain into a domain rule).

iFrankZagarino
Posts: 5
Joined: Fri Jun 22, 2018 1:46 pm

Re: Subscribing to blacklists

Postby iFrankZagarino » Tue Jun 26, 2018 8:16 am

Is the overall limit of 10000 rules for all subscriptions or is it just per ruleset?

christian
Objective Development
Objective Development
Posts: 1442
Joined: Thu Nov 09, 2006 11:46 am

Re: Subscribing to blacklists

Postby christian » Tue Jun 26, 2018 11:09 am

We have set the limit for each subscription because other limits are hard to explain. If you subscribe multiple feeds, each going to the limit, you will notice performance issues. The limit and what is counted is subject to change.

Skeptical.me
Posts: 3
Joined: Thu Jun 14, 2018 2:46 pm

Re: Subscribing to blacklists

Postby Skeptical.me » Tue Jan 22, 2019 7:41 am

the-gog wrote:Easiest way would be to run a Pi Hole on your network. This list would go into that, if it's not already in it.

Edit – it wasn't, but is in mine now:

Image

Many thanks for finding it.


I have a Raspberry Pi 3 B+ running NextCloudPi. And my ASUS RT-AX88U runs a program called Diversion that blocks Ads and Trackers across the LAN, like Pi Hole. I've also tried AdGuard Home. The only problem with Pi Hole and AdGuard Home is that the DNS leaks when using VPN Clients, but not Diversion as long as I do not use selective routing. So if I'm using ProtonVPN on a client in my router and I'm using Pi Hole or AdGuard Home the DNS leaks.

Is there anyway with Pi Hole to prevent DNS leaks when using VPN Clients on Routers?


Return to “Little Snitch General”

Who is online

Users browsing this forum: Matthewvit and 5 guests