diff --git a/hosts/hosts b/hosts/hosts index 84e76c9..2ad49da 100644 --- a/hosts/hosts +++ b/hosts/hosts @@ -25,13 +25,13 @@ 127.0.0.1 s.youtube.com 127.0.0.1 googlevideo.com 127.0.0.1 www.googlevideo.com -0.0.0.0 discord.com -0.0.0.0 www.discord.com -0.0.0.0 discordapp.com -0.0.0.0 www.discordapp.com -0.0.0.0 cdn.discordapp.com -0.0.0.0 cdn.discord.com -0.0.0.0 media.discordapp.net +# 0.0.0.0 discord.com +# 0.0.0.0 www.discord.com +# 0.0.0.0 discordapp.com +# 0.0.0.0 www.discordapp.com +# 0.0.0.0 cdn.discordapp.com +# 0.0.0.0 cdn.discord.com +# 0.0.0.0 media.discordapp.net # Block Minecraft download sites 127.0.0.1 minecraft.net 127.0.0.1 www.minecraft.net diff --git a/hosts/install.sh b/hosts/install.sh index bc922fb..3b0427d 100755 --- a/hosts/install.sh +++ b/hosts/install.sh @@ -1,4 +1,24 @@ #!/bin/bash + +# Enable systemd-resolved sudo systemctl enable systemd-resolved + +# Remove all attributes from /etc/hosts to allow modifications +sudo chattr -i -a /etc/hosts 2>/dev/null || true + +# Copy the hosts file sudo cp hosts /etc/hosts -sudo systemd-resolve --flush-caches + +# Set restrictive permissions (read-only for owner, no access for group/others) +sudo chmod 600 /etc/hosts + +# Make the file immutable (prevents deletion, renaming, and most modifications) +sudo chattr +i /etc/hosts + +# Also set append-only attribute as additional protection +# Note: This requires removing immutable first, then setting both +sudo chattr -i /etc/hosts +sudo chattr +a /etc/hosts + +# Flush DNS caches +sudo systemd-resolve --flush-caches \ No newline at end of file