Maxim Khitrov wrote:
Hello,

I'm currently setting up a new firewall for my home network using
FreeBSD 7. The firewall will also act as our local name server
(authoritative for the local domain, and caching for everything else).
One of the things I'd like to do with it is use BIND to block various
undesirable domains (ad servers, malicious sites, etc.). The plan is
to have a separate BIND config file which is included in the main one.

Just a question, and I'm not trying to cast doubt on your plan; I'm curious why using BIND for this purpose instead of a proxy, which is
a more typical application as I understand it?

Again, I'm not trying to convince you otherwise or say that using
BIND is a bad idea.  It's just that I'm curious because we use
Squid for this sort of thing, and I was wondering why BIND instead?

Kevin Kinsey

In that file I map all the blocked domains to either the empty zone or
perhaps my local web server that's just serving a blank page for any
request. Haven't decided which way is better yet. This file is updated
periodically (once a week maybe) and BIND is then told to reload the
config. That's the plan as it stands now, eventually I hope to add a
web interface to the system for adding and removing blocked domains.

My question for you guys is if know any _reliable_ sources for getting
that list of domains in the first place? I currently use the hosts
file on all my machines, which is about 2MB in size and hasn't been
updated in several years. I'll definitely import all of those entries
myself, but it would be good if I could periodically pull an updated
list from somewhere else. The following site has a pretty decent
collection of ad servers, though it's a bit short compared to what I
already have: http://pgl.yoyo.org/adservers/. It even provides the
list in a BIND format, meaning that I don't need to do any additional
processing with it. Just fetch the page and reload BIND. This,
however, is not one of my requirements. I'm perfectly happy getting
just a list of the domains (in any format), and then processing them
into a BIND config file myself. Just need good sources. What are your
recommendations?

- Max


--
QOTD:
        A child of 5 could understand this! Fetch me a child of 5.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to