How to Block Cloudflare

with DNS

This page show you how to block CloudFlare websites with localhost DNS server.

With DNSMasq (Type 1)

click me

Install dnsmasq.
Open configuration file of dnsmasq.
Add those lines to your config file and restart dnsmasq.
Try dig www.emsisoft.com

bogus-nxdomain=103.21.244.0/22
bogus-nxdomain=103.22.200.0/22
bogus-nxdomain=103.31.4.0/22
bogus-nxdomain=104.16.0.0/13
bogus-nxdomain=104.24.0.0/14
bogus-nxdomain=108.162.192.0/18
bogus-nxdomain=131.0.72.0/22
bogus-nxdomain=141.101.64.0/18
bogus-nxdomain=162.158.0.0/15
bogus-nxdomain=172.64.0.0/13
bogus-nxdomain=173.245.48.0/20
bogus-nxdomain=188.114.96.0/20
bogus-nxdomain=190.93.240.0/20
bogus-nxdomain=197.234.240.0/22
bogus-nxdomain=198.41.128.0/17
bogus-nxdomain=2400:cb00::/32
bogus-nxdomain=2405:8100::/32
bogus-nxdomain=2405:b500::/32
bogus-nxdomain=2606:4700::/32
bogus-nxdomain=2803:f800::/32
bogus-nxdomain=2a06:98c0::/29
bogus-nxdomain=2c0f:f248::/32

With DNSMasq (Type 2)

click me

In step 3, add those lines and restart dnsmasq.

stop-dns-rebind
alias=104.16.0.0-104.23.255.255,127.0.0.0,255.255.255.0
alias=104.24.0.0-104.27.255.255,127.0.0.0,255.255.255.0

With PowerDNS, dnsdist

click me

badips = newNMG()
badips:addMask("103.21.244.0/22")
badips:addMask("103.22.200.0/22")
badips:addMask("103.31.4.0/22")
badips:addMask("104.16.0.0/13")
badips:addMask("104.24.0.0/14")
badips:addMask("108.162.192.0/18")
badips:addMask("131.0.72.0/22")
badips:addMask("141.101.64.0/18")
badips:addMask("162.158.0.0/15")
badips:addMask("172.64.0.0/13")
badips:addMask("173.245.48.0/20")
badips:addMask("188.114.96.0/20")
badips:addMask("190.93.240.0/20")
badips:addMask("197.234.240.0/22")
badips:addMask("198.41.128.0/17")
badips:addMask("2400:cb00::/32")
badips:addMask("2405:8100::/32")
badips:addMask("2405:b500::/32")
badips:addMask("2606:4700::/32")
badips:addMask("2803:f800::/32")
badips:addMask("2a06:98c0::/29")
badips:addMask("2c0f:f248::/32")

function ipfilter(rem, loc, dh)
    return badips:match(rem) or dh:getAD()
end

With BIND

click me

deny-answer-addresses {
103.21.244.0/22;
103.22.200.0/22;
103.31.4.0/22;
104.16.0.0/13;
104.24.0.0/14;
108.162.192.0/18;
131.0.72.0/22;
141.101.64.0/18;
162.158.0.0/15;
172.64.0.0/13;
173.245.48.0/20;
188.114.96.0/20;
190.93.240.0/20;
197.234.240.0/22;
198.41.128.0/17;
2400:cb00::/32;
2405:8100::/32;
2405:b500::/32;
2606:4700::/32;
2803:f800::/32;
2a06:98c0::/29;
2c0f:f248::/32;
} except-from { "localhost.invalid"; };
deny-answer-aliases { "localhost.invalid"; };

With dnscrypt-proxy

click me

[blocked_ips]
blocked_ips_file = 'blocked-ips.txt'
[blocked_names]
blocked_names_file = 'blocked-names.txt'

Download cloudflare_owned_domains.txt and save it as blocked-names.txt.
Add them to your blocked-ips.txt.
- Or download full pieces.txt for absolute protection.

103.21.244.*
103.21.245.*
103.21.246.*
103.21.247.*
103.22.200.*
103.22.201.*
103.22.202.*
103.22.203.*
103.31.4.*
103.31.5.*
103.31.6.*
103.31.7.*
104.16.*
104.17.*
104.18.*
104.19.*
104.20.*
104.21.*
104.22.*
104.23.*
104.24.*
104.25.*
104.26.*
104.27.*
108.162.192.*
108.162.193.*
108.162.194.*
108.162.195.*
108.162.196.*
108.162.197.*
108.162.198.*
108.162.199.*
108.162.200.*
108.162.201.*
108.162.202.*
108.162.203.*
108.162.204.*
108.162.205.*
108.162.206.*
108.162.207.*
108.162.208.*
108.162.209.*
108.162.210.*
108.162.211.*
108.162.212.*
108.162.213.*
108.162.214.*
108.162.215.*
108.162.216.*
108.162.217.*
108.162.218.*
108.162.219.*
108.162.220.*
108.162.221.*
108.162.222.*
108.162.223.*
108.162.224.*
108.162.225.*
108.162.226.*
108.162.227.*
108.162.228.*
108.162.229.*
108.162.230.*
108.162.231.*
108.162.232.*
108.162.233.*
108.162.234.*
108.162.235.*
108.162.236.*
108.162.237.*
108.162.238.*
108.162.239.*
108.162.240.*
108.162.241.*
108.162.242.*
108.162.243.*
108.162.244.*
108.162.245.*
108.162.246.*
108.162.247.*
108.162.248.*
108.162.249.*
108.162.250.*
108.162.251.*
108.162.252.*
108.162.253.*
108.162.254.*
108.162.255.*
131.0.72.*
131.0.73.*
131.0.74.*
131.0.75.*
141.101.100.*
141.101.101.*
141.101.102.*
141.101.103.*
141.101.104.*
141.101.105.*
141.101.106.*
141.101.107.*
141.101.108.*
141.101.109.*
141.101.110.*
141.101.111.*
141.101.112.*
141.101.113.*
141.101.114.*
141.101.115.*
141.101.116.*
141.101.117.*
141.101.118.*
141.101.119.*
141.101.120.*
141.101.121.*
141.101.122.*
141.101.123.*
141.101.124.*
141.101.125.*
141.101.126.*
141.101.127.*
141.101.64.*
141.101.65.*
141.101.66.*
141.101.67.*
141.101.68.*
141.101.69.*
141.101.70.*
141.101.71.*
141.101.72.*
141.101.73.*
141.101.74.*
141.101.75.*
141.101.76.*
141.101.77.*
141.101.78.*
141.101.79.*
141.101.80.*
141.101.81.*
141.101.82.*
141.101.83.*
141.101.84.*
141.101.85.*
141.101.86.*
141.101.87.*
141.101.88.*
141.101.89.*
141.101.90.*
141.101.91.*
141.101.92.*
141.101.93.*
141.101.94.*
141.101.95.*
141.101.96.*
141.101.97.*
141.101.98.*
141.101.99.*
162.158.*
162.159.*
172.64.*
172.65.*
172.66.*
172.67.*
172.68.*
172.69.*
172.70.*
172.71.*
173.245.48.*
173.245.49.*
173.245.50.*
173.245.51.*
173.245.52.*
173.245.53.*
173.245.54.*
173.245.55.*
173.245.56.*
173.245.57.*
173.245.58.*
173.245.59.*
173.245.60.*
173.245.61.*
173.245.62.*
173.245.63.*
188.114.100.*
188.114.101.*
188.114.102.*
188.114.103.*
188.114.104.*
188.114.105.*
188.114.106.*
188.114.107.*
188.114.108.*
188.114.109.*
188.114.110.*
188.114.111.*
188.114.96.*
188.114.97.*
188.114.98.*
188.114.99.*
190.93.240.*
190.93.241.*
190.93.242.*
190.93.243.*
190.93.244.*
190.93.245.*
190.93.246.*
190.93.247.*
190.93.248.*
190.93.249.*
190.93.250.*
190.93.251.*
190.93.252.*
190.93.253.*
190.93.254.*
190.93.255.*
197.234.240.*
197.234.241.*
197.234.242.*
197.234.243.*
198.41.128.*
198.41.129.*
198.41.130.*
198.41.131.*
198.41.132.*
198.41.133.*
198.41.134.*
198.41.135.*
198.41.136.*
198.41.137.*
198.41.138.*
198.41.139.*
198.41.140.*
198.41.141.*
198.41.142.*
198.41.143.*
198.41.144.*
198.41.145.*
198.41.146.*
198.41.147.*
198.41.148.*
198.41.149.*
198.41.150.*
198.41.151.*
198.41.152.*
198.41.153.*
198.41.154.*
198.41.155.*
198.41.156.*
198.41.157.*
198.41.158.*
198.41.159.*
198.41.160.*
198.41.161.*
198.41.162.*
198.41.163.*
198.41.164.*
198.41.165.*
198.41.166.*
198.41.167.*
198.41.168.*
198.41.169.*
198.41.170.*
198.41.171.*
198.41.172.*
198.41.173.*
198.41.174.*
198.41.175.*
198.41.176.*
198.41.177.*
198.41.178.*
198.41.179.*
198.41.180.*
198.41.181.*
198.41.182.*
198.41.183.*
198.41.184.*
198.41.185.*
198.41.186.*
198.41.187.*
198.41.188.*
198.41.189.*
198.41.190.*
198.41.191.*
198.41.192.*
198.41.193.*
198.41.194.*
198.41.195.*
198.41.196.*
198.41.197.*
198.41.198.*
198.41.199.*
198.41.200.*
198.41.201.*
198.41.202.*
198.41.203.*
198.41.204.*
198.41.205.*
198.41.206.*
198.41.207.*
198.41.208.*
198.41.209.*
198.41.210.*
198.41.211.*
198.41.212.*
198.41.213.*
198.41.214.*
198.41.215.*
198.41.216.*
198.41.217.*
198.41.218.*
198.41.219.*
198.41.220.*
198.41.221.*
198.41.222.*
198.41.223.*
198.41.224.*
198.41.225.*
198.41.226.*
198.41.227.*
198.41.228.*
198.41.229.*
198.41.230.*
198.41.231.*
198.41.232.*
198.41.233.*
198.41.234.*
198.41.235.*
198.41.236.*
198.41.237.*
198.41.238.*
198.41.239.*
198.41.240.*
198.41.241.*
198.41.242.*
198.41.243.*
198.41.244.*
198.41.245.*
198.41.246.*
198.41.247.*
198.41.248.*
198.41.249.*
198.41.250.*
198.41.251.*
198.41.252.*
198.41.253.*
198.41.254.*
198.41.255.*

dns.md 7.6 KB Permalink History Raw

How to Block Cloudflare

with DNS

With DNSMasq (Type 1)

With DNSMasq (Type 2)

With PowerDNS, dnsdist

With BIND

With dnscrypt-proxy

dns.md 7.6 KB

Permalink History Raw