Project

General

Profile

Actions
Copy link

Feature #11155

closed

SafeSearch AAAA

Added by Viktor Gurov about 4 years ago. Updated almost 2 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Viktor Gurov
Category:
pfBlockerNG
Target version:
-
Start date:
12/11/2020
Due date:
% Done:

0%

Estimated time:
Plus Target Version:

Description

SafeSearch DNS redirection doesn't work for AAAA queries,

must be added/fixed:

forcesafesearch.google.com - 2001:4860:4802:32::78 (https://www.reddit.com/r/ipv6/comments/8y5yfh/googles_lock_safesearch_advanced_feature_now_has/)

safe.duckduckgo.com - no AAAA record, but it must use CNAME instead of static IP, see https://www.reddit.com/r/pfBlockerNG/comments/inat95/new_ip_address_for_safeduckduckgocom_old_ip/

strict.bing.com - no AAAA record

yandex.ru - ?

safesearch.pixabay.com - 2606:4700::6812:14b7, 2606:4700::6812:15b7

it's better to use CNAME instead of static A/AAAA entries,
see https://gist.github.com/johannrichard/a645b32c75646b1f56813b517eb6cc8b for example

Original SafeSearch feature request: #9874

Actions
Copy link
 #1

Updated by Viktor Gurov about 4 years ago

Google, Youtube and Pixabay IPv6 (AAAA) SafeSearch:
https://github.com/pfsense/FreeBSD-ports/pull/1005

Actions
Copy link
 #2

Updated by Renato Botelho about 4 years ago

  • Status changed from New to Feedback
  • Assignee set to Viktor Gurov

PR haws been merged. Thanks!

Actions
Copy link
 #3

Updated by Viktor Gurov almost 4 years ago

  • Status changed from Feedback to New
Actions
Copy link
 #4

Updated by Danilo Zrenjanin almost 4 years ago

Added description regarding IPv4/IPv6 redirect support by search engines.
https://github.com/pfsense/FreeBSD-ports/pull/1019

Actions
Copy link
 #5

Updated by Jim Pingle almost 4 years ago

  • Status changed from New to Pull Request Review
Actions
Copy link
 #6

Updated by BBcan177 . almost 4 years ago

Do we need to use a redirect/local-zone for these CNAMES?

Are there any other sub-domains other than the "www." variant that should not be redirected?

Maybe it would be better to add two local-data entries for each domain (with/without 'www.') ?

Also adding a 300 TTL would be appropriate.

local-data: "duckduckgo.com 300 IN CNAME safe.duckduckgo.com" 
local-data: "pixabay.com 300 IN CNAME safesearch.pixabay.com"
Actions
Copy link
 #7

Updated by Renato Botelho almost 4 years ago

  • Status changed from Pull Request Review to Feedback

PR has been merged. Thanks!

Actions
Copy link
 #8

Updated by Renato Botelho almost 4 years ago

Renato Botelho wrote:

PR has been merged. Thanks!

PR 1035 containing this change has been merged. Thanks!

Actions
Copy link
 #9

Updated by Marcos M almost 2 years ago

  • Status changed from Feedback to Resolved
Actions
Copy link

Also available in: Atom PDF