Diffstat (limited to 'content/guide')
| -rw-r--r-- | content/guide/stuff-about-dns-and-ip.md (renamed from content/guide/stuff-about-dns.md) | 109 |
1 files changed, 79 insertions, 30 deletions
diff --git a/content/guide/stuff-about-dns.md b/content/guide/stuff-about-dns-and-ip.md index 06c3956..b336d30 100644 --- a/content/guide/stuff-about-dns.md +++ b/content/guide/stuff-about-dns-and-ip.md @@ -1,5 +1,5 @@ --- -title: Stuff about dns +title: Stuff about DNS and IP date: 2025-10-27T13:46:54+01:00 draft: true index: false @@ -25,7 +25,7 @@ There are two kinds of IP addresses; IPv4 and IPv6. Try to get your local IPv4 address in your local network : ```sh -ip a | grep "inet .*" +ip a | grep "inet " # You might get something like the following : inet 127.0.0.1/8 .... # your localhost @@ -38,16 +38,13 @@ You can even ping yourself or other devices in your house that are connected to ping -c 2 192.0.2.1 # or localhost, ping yourself ``` -You can get your public IPv4 by going to websites that tell you your IP like [whatismyipaddress.com/](https://whatismyipaddress.com/) +You can get your public IPv4 by going to websites that tell you your IP like [whatismyipaddress.com](https://whatismyipaddress.com/) or [ifconfig.co](https://ifconfig.co) -Or curl [ifconfig.co](https://ifconfig.co) like so : +You can also do it from the command line : ```sh -curl ifconfig.co # gives you your public IPv6 -curl -6 ifconfig.co # it also works -``` -```sh -curl -4 ifconfig.co # gives you your public IPv4 +curl -6 ifconfig.co # gives IPv6 +curl -4 ifconfig.co # gives IPv4 ``` ### What's your Wi-Fi router local IP ? @@ -55,7 +52,7 @@ curl -4 ifconfig.co # gives you your public IPv4 Just use the `ip` command again : ```sh -ip route | grep default +ip r | grep default # You will get something like default via IP_ADDRESS ... 
@@ -65,18 +62,19 @@ If your ISP (Internet Service Provider) allows it, you can put the `IP_ADDRESS` The password is probably the one you use to connect to Wi-Fi. -### Can't open ports in range [0, 32765[ +### Can't open ports in range (0, 32765) I had this problem. It's a serious issue if you are trying to self host because the HTTP/HTTPS port and tons of others are in this range. -Personally, I just went to the website of my ISP and there was an option to get a "static full stack IPv4 address". Maybe you should call your ISP I don't know. +To open these ports, I just went to the website of my ISP and there was an option to get a "static, full stack IPv4 address". Just some _thing_ to enable for free. The mail ports were also closed, I had to open them through the same website. + +Since then, I can open the ports I want (and send emails). ## DNS ### What is this ? -DNS (Domain Name System) is pretty cool, it's a fancy _alias_ for IP adresses. See it like a `Dictionnary` data structure in programming. - +DNS (Domain Name System) is pretty cool, it's a fancy _alias_ for IP adresses. So basically, you have a domain name that points to an IP address. ```txt 
@@ -87,17 +85,21 @@ This is possible by setting DNS records. You set "A" record that bind the domain Domain names are cool and convenient. It would be a pain to remember the IP addresses of my favourite websites. +You also have subdomains. Like [dns.mielota.com](https://dns.mielota.com), `dns` is a subdomain of [mielota.com](/). With the help of a webserver like [NGINX](https://nginx.org) you can ask your server to serve different kind of content depending on the domain/subdomains. + +You also have "CNAME" records, they act like _alias_. "MX" records are for _Mail Exchange_ and "TXT" store some data. + ### DNS resolvers -A DNS resolver is a server that translates domain names into IP addresses. See it like _getter_ function : +A DNS resolver is a server that translates domain names into IP addresses. See it like some function : -```lua -get_ip_from_domain_name("example.com") -- Returns 23.220.75.245 +```py +get_ip_from("example.com") # Returns 23.220.75.245 ``` -Some DNS resolvers have really weird IP addresses. There's 1.1.1.1 (cloudflare), 8.8.8.8 (google), 9.9.9.9 (quad9). I wonder how they even got them. +Commons DNS resolvers have really weird IP addresses. There's 1.1.1.1 (cloudflare), 8.8.8.8 (google), 9.9.9.9 (quad9). I wonder how they even got them. -Try one of them yourself. Send a DNS query for whatever domain name, to one of these DNS resolvers. +Try one of them yourself. Send a DNS query to one of these DNS resolvers to get the IP of some domain name. Install the `dig` command first. 
@@ -106,48 +108,95 @@ sudo pacman -S bind # On Arch sudo apt install dnsutils # On Debian ``` +(Note that you can pass in the `+short` arg to the `dig` command if you don't like the verbose output) + Now you can query some DNS resolver : ```sh dig example.com @1.1.1.1 ``` -> Note that some DNS providers are unsafe and/or log the IP of websites you connect to. Choose your DNS resolver carefully. Also know that using DNS over HTTPS or DNS over TLS doesn't make you invisible. +> Note that some DNS resolvers are unsafe and/or log the IP of websites you connect to. Choose your DNS resolver carefully. Also know that using DNS over HTTPS or DNS over TLS doesn't make you invisible. ### Control the websites you can visit You can filter the responses of DNS resolvers with programs like [blocky](https://0xerr0r.github.io/blocky/latest/). -You can ask `blocky` to redirect some domain names to the null IP 0.0.0.0. By doing so you can stop your computer/browser/phone from querying websites containing ads, malware, or [unwanted content](https://denshi.org/antiporn). +You can ask `blocky` to redirect some domain names to the null IP 0.0.0.0. For example you can add `example.com` to your "blacklist" and you will get this : + +```sh +dig example.com @your_custom_dns +# you will get 0.0.0.0 +``` -For example ask for the IP of `ads.google.com` : +By doing so you can stop your computer/browser/phone from finding websites containing ads, malware, or [unwanted content](https://denshi.org/antiporn). + +For example ask for the IP of `ads.google.com` to the 8.8.8.8 DNS server: ```sh -dig ads.google.com @8.8.8.8 +dig +short ads.google.com @8.8.8.8 ``` -You got the IP address right ? Now try with my DNS resolver : +You got the IP address right ? 
Now do the same with my DNS server: ```sh -dig ads.google.com @dns.mielota.com # or put the IPv4 of my server +dig +short ads.google.com @dns.mielota.com # or put the IPv4 of my server ``` You will get 0.0.0.0 -Here are some useful links if you want to do the same : +Here are some useful links if you want to use blocky on your server/computer. + +- [Blocky DNS](https://0xerr0r.github.io/blocky/latest/) - [Comfy Guide to Blocky](https://comfy.guide/server/blocky) - [Comfy Guide to Blocky (video)](https://www.youtube.com/watch?v=Uq6mafo9fEc) -- [Blocky DNS](https://0xerr0r.github.io/blocky/latest/) -You can also run `blocky` locally and query your `localhost`. +Use this command to get the blacklists I use (if you want the same ones): + +```sh +curl -fsSL "https://codeberg.org/mielota/dox/raw/branch/main/opt/blocky/blocky.yml" | grep -o "\- http.*" +``` + +### Get records of a domain name + +You can see what DNS records are setup for domain names too. For example, ask for the A record of my domain name : + +```sh +dig +short A mielota.com +``` + +You can get the MX records of let's say, GitHub : + +```sh +dig +short MX github.com +``` + +You can of course ask for AAAA, TXT, CNAME etc. ### Reverse DNS If you want to setup an email server, you have to setup `reverse DNS`, it's basically DNS but the other way around : Give an IP, get a domain name. -To setup r-dns I had to go to my ISP's website. Some people say that they had to call their ISP. Some people are not allowed to have r-dns. So it's just a matter of luck. +To setup r-DNS I had to go to my ISP's website. Some people say that they had to call their ISP. Some people are not allowed to have r-DNS. So it's just a matter of luck. + +You can see if you have r-DNS with this command : + +```sh +dig +short -x IP_ADDRESS_OF_YOUR_SERVER +``` + +For example you can see that Arch Linux has a working reverse DNS: + +```sh +dig +short -x $(dig +short archlinux.org) # -> "archlinux.org." +``` ## Conclusion ? 
-These are just some random infos about DNS. Nothing big. Of course, I only covered the **tip** of the iceberg in _whatever_ this is. +These were just some random infos. + +More links : + +- [Check if your DNS records are okay](https://intodns.com/) +- [Addr Tools](https://addr.tools/) |
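
Review bot: in the `@@ -38,16 +38,13 @@` hunk, both new curl lines pass a bare hostname (`curl -6 ifconfig.co`, `curl -4 ifconfig.co`), and curl falls back to plain HTTP when no scheme is given, so the request and the returned address travel unencrypted. Suggest writing `curl -4 https://ifconfig.co` and `curl -6 https://ifconfig.co`. The removed line documented that the unflagged call returned IPv6; a short comment saying that `-6` fails on a connection without IPv6 would keep readers from taking that error for a broken command.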
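
Review bot: the new heading `### Can't open ports in range (0, 32765)` in the `@@ -65,18 +62,19 @@` hunk changes the meaning of the interval, not just its notation: `[0, 32765[` included the lower bound and excluded the upper one, while `(0, 32765)` excludes both. If the goal is only to drop the reversed-bracket style, `[0, 32765)` keeps the original bounds, and spelling the range out in words would be clearer still for a beginner guide. In the same hunk, the re-added DNS sentence still has "adresses" for "addresses".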
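
Review bot: the added record summary in the `@@ -87,17 +85,21 @@` hunk, `"MX" records are for _Mail Exchange_ and "TXT" store some data`, is too vague to help a reader, especially since the guide goes on to mention setting up an email server. Suggest saying that TXT records hold free-form text and are commonly used for SPF and DKIM entries for mail. Wording nits in the same hunk: "Commons DNS resolvers" should be "Common DNS resolvers", "different kind of content" should be "different kinds of content", and "they act like _alias_" reads better as "they act as aliases".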
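
Review bot: in the `@@ -106,48 +108,95 @@` hunk, `dig +short -x $(dig +short archlinux.org)` misbehaves whenever the inner lookup prints more than one line (several A records, or a CNAME target ahead of the address): the unquoted substitution expands to several words, `-x` takes only the first, and the rest are treated as extra query names. Suggest asking for the A record explicitly and limiting the inner query to one address, for example by adding `| head -n 1` inside the substitution. Separately, the `+short` note sits before the first `dig` example; it would read better after `dig example.com @1.1.1.1`, where the verbose output first appears.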
