nerfs provides a tool intended to be run as a cronjob that collects domains known to be
malicious / nsfw / unwanted content. It also provides a client library for accessing the
produced artifacts, which are simply written as files on disk.
Note that nerfs may be updated with breaking changes at any time; fork this repository if you
intend to use either the cronjob or client library.
The nerfs library package can be added to a Go project with go get.
go get cattlecloud.net/go/nerfs@latestimport "cattlecloud.net/go/nerfs"The vast majority of sources come from the very popular adblock lists by StevenBlack.
See the hosts files.
➜ .bin/nerfs build -o /tmp
06/20 09:25:43 INFO [domains-builder] starting the build ...
06/20 09:25:43 INFO [domains-builder] writing artifact to /tmp/domains.txt
06/20 09:25:43 INFO [domains-builder] complete in 757.083293ms
06/20 09:25:43 INFO [wordlist-builder] starting the build ...
06/20 09:25:43 INFO [wordlist-builder] writing artifact to /tmp/wordlist.json
06/20 09:25:44 INFO [wordlist-builder] complete in 36.967782ms
An example systemd unit file; assuming nerfs system user.
[Unit]
Description=Build nerf file artifacts.
[Service]
Type=oneshot
ExecStart=/opt/bin/nerfs build -o /path/to/output
User=nerfs
Group=nerfs
ReadWritePaths=/path/to/output
PrivateTmp=yes
NoNewPrivileges=true
ProtectSystem=strict
CPUQuota=100%
CPUWeight=100
OOMScoreAdjust=900
MemoryLow=16M
MemoryMax=64M
An example systemd timer file
[Unit]
Description=Run nerfs every 24 hours.
[Timer]
OnBootSec=5min
OnUnitActiveSec=24h
Unit=nerfs.service
[Install]
WantedBy=timers.target