Skip to main content

在開發設備上測試防火牆的好用軟體

LuLu

https://github.com/objective-see/LuLu

作業系統

mac

功能

可以針對每個app的網路流量進行監控及封鎖,可以阻擋ip跟domain,相當方便

Pi Hole

https://pi-hole.net/

application layer層級的防火牆,可以監控及阻擋domain的流量,但因為本身是dns,所以要使用這個功能需要將網路卡的dns設定為pi-hole的ip才行

快速使用的docker-compose

要特別注意的為,他下面有個密碼的欄位,要記得把password的空間填上

另外,他的admin會在{pi-hole.ip}/admin,如果直接拜訪他的ip,會出現Forbidden的內容,這是正常現象

# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    # For DHCP it is recommended to remove these ports and instead add: network_mode: "host"
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "67:67/udp" # Only required if you are using Pi-hole as your DHCP server
      - "80:80/tcp"
    environment:
      TZ: 'America/Chicago'
      # WEBPASSWORD: 'set a secure password here or it will be random'
    # Volumes store your data between container upgrades
    volumes:
      - './etc-pihole:/etc/pihole'
      - './etc-dnsmasq.d:/etc/dnsmasq.d'
    #   https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
    cap_add:
      - NET_ADMIN # Required if you are using Pi-hole as your DHCP server, else not needed
    restart: unless-stopped