The idea with the DNS server is wonderful, but the problem is that in my network the DNS server is the one on the Internet [I don't run a DNS server, and all local/LAN computers are configured manually to use a public DNS server].
--- On Fri, 6/18/10, Gary Gatten <[email protected]> wrote:

From: Gary Gatten <[email protected]>
Subject: Re: FreeBSD router (IPFW-based): how to block an URL (all IPs of an A-like HOSTNAME)
To: "'[email protected]'" <[email protected]>, "'[email protected]'" <[email protected]>
Date: Friday, June 18, 2010, 12:08 AM

What about an entry in your local DNS (what your hosts use) that gives a bogus IP (127.0.0.1?) for *.badhost.com? Then users can never connect to badhost.com.

I don't know too many FWs that allow you to use a URL in a rule. IIRC, CheckPoint-FW1 did/does, but they recommend against it due to overhead. As pointed out, Squid or another lightweight white/blacklist thingy might be in order.

----- Original Message -----
From: [email protected] <[email protected]>
To: [email protected] <[email protected]>
Sent: Thu Jun 17 15:56:23 2010
Subject: Re: FreeBSD router (IPFW-based): how to block an URL (all IPs of an A-like HOSTNAME)

Ok, very simply put: to do this without shell scripting, but this could avoid filtering future IP addresses:

1. DIG HOSTNAMEs and add ipfw block rules for those IPs
2. DIG HOSTNAMEs and add a null rule

To block all *.hostname and future IP addresses of any of *.hostname, there must be written a shell script that analyzes all requests [have no idea how to execute a shell script LIVE!!!, any idea on this topic?].

--- On Thu, 6/17/10, Bernt Hansson <[email protected]> wrote:

From: Bernt Hansson <[email protected]>
Subject: Re: FreeBSD router (IPFW-based): how to block an URL (all IPs of an A-like HOSTNAME)
To: "Valerian Galeru" <[email protected]>
Cc: [email protected]
Date: Thursday, June 17, 2010, 11:47 PM

Valerian Galeru said the following on 2010-06-17 22:01:
> Hello,
>
> Does anyone have any ideas how to block all requests using an IPFW-based
> router (FreeBSD 6.4) to and from a HOSTNAME (which has more DNS A entries) or
> better, from any *.HOSTNAME.COM ????

Do a whois hostname.com taking note of their ip-address range.
Then, for ipf, put this in your rules file.

### EXAMPLE ###
block in quick on fxp0 from 192.168.0.0/16 to any
block out quick on fxp0 from any to 192.168.0.0/16

_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[email protected]"
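A script along the lines of step 1 above (DIG the HOSTNAME, add ipfw block rules), added here as an example and not posted by anyone in the thread: it resolves the A records, loads them into an ipfw table that two deny rules reference, and can be re-run from cron so newly published addresses are picked up without editing rules. It assumes dig is installed and that ipfw table support is available (FreeBSD 6.4 has it); the table number and rule numbers are assumptions, and the sample dig output in the comments is constructed.

```shell
#!/bin/sh
# Added example (not from the thread): resolve a hostname's A records and
# emit ipfw commands that block traffic to and from those addresses.
# Assumed table number; override with TABLE=2 ./blockhost.sh badhost.example
TABLE=${TABLE:-1}

# Keep only dotted-quad IPv4 addresses. `dig +short A` on a CNAME'd name also
# prints the CNAME target (e.g. "www.badhost.example."), which must be dropped.
filter_ipv4() {
    grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}$'
}

# Turn a newline-separated address list on stdin into `ipfw table` commands,
# de-duplicated, so the output can be piped straight to sh on the router.
# Constructed input "cname.example.\n192.0.2.1\n192.0.2.1\n192.0.2.2" gives:
#   ipfw table 1 add 192.0.2.1
#   ipfw table 1 add 192.0.2.2
table_cmds() {
    filter_ipv4 | sort -u | while read -r ip; do
        echo "ipfw table $TABLE add $ip"
    done
}

# One-time rules that consult the table in both directions (rule numbers are
# assumptions; pick ones that fit your ruleset). Run once: rules | sh
rules() {
    cat <<EOF
ipfw add 100 deny ip from any to table($TABLE)
ipfw add 101 deny ip from table($TABLE) to any
EOF
}

# Resolve HOSTNAME now and print the table commands. Re-run from cron so that
# addresses the site publishes later are added too: resolve_block HOST | sh
resolve_block() {
    dig +short A "$1" | table_cmds
}

# Usage: ./blockhost.sh badhost.example | sh
[ -n "$1" ] && resolve_block "$1"
```

The table only ever holds addresses seen at resolution time, so names under *.hostname that nobody has looked up yet are not covered; that gap is what the local-DNS entry from Gary's reply addresses.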
