Blocking ads and malwares with pfsense

Unbound is the default DNS resolver on Pfsense 2.4. Adding a list of domains to block.
StevenBlack in github. or notracking.

Here are the different steps to set it up for unbound:

Download the list (for example ads+malwares+social networks)

Entries in the host file are in the form domain and unbound needs something like this:

local-data: "domain A"

Following awk command will transform the list into something that unbound understands:
cat hosts | grep '^0\.0\.0\.0' | awk '{print "server: \nlocal-data: \""$2" A\""}' > ads.conf
Finally copy the resulting file to /var/unbound and set

Display Custom Option

in web interface:
# Ads overrides
include: /var/unbound/ads.conf

Reload unbound config with the following command on pfsense:
unbound-control -c /var/unbound/unbound.conf reload