Re: Blocking undesirable domains using BIND

2007-12-31 Thread Kevin Kinsey
Darren Spruell wrote: On Dec 28, 2007 8:49 AM, Kevin Kinsey <[EMAIL PROTECTED]> wrote: In the absence of egress filtering on the firewall, that would definitely be an advantage. Does anyone use BIND for filtering in a small to medium business environment then? How does it perform? Performs

Re: Blocking undesirable domains using BIND

2007-12-31 Thread Erich Dollansky
Hi, Maxim Khitrov wrote: On Dec 30, 2007 12:31 PM, Darren Spruell <[EMAIL PROTECTED]> wrote: On Dec 30, 2007 9:52 AM, Maxim Khitrov <[EMAIL PROTECTED]> wrote: I then installed dnsmasq, which is able to read domain info from the hosts file. Just for the fun of it, I loaded domains from all th

Re: Blocking undesirable domains using BIND

2007-12-30 Thread Maxim Khitrov
On Dec 30, 2007 12:31 PM, Darren Spruell <[EMAIL PROTECTED]> wrote: > On Dec 30, 2007 9:52 AM, Maxim Khitrov <[EMAIL PROTECTED]> wrote: > > > I was trying to do something similar. I didn't research too hard, but > > > figured the only way to use Bind would be to make my server authoritative > >

Re: Blocking undesirable domains using BIND

2007-12-30 Thread Darren Spruell
On Dec 30, 2007 9:52 AM, Maxim Khitrov <[EMAIL PROTECTED]> wrote: > > I was trying to do something similar. I didn't research too hard, but > > figured the only way to use Bind would be to make my server authoritative > > for all those domains, which meant a huge config file and potential > > o

Re: Blocking undesirable domains using BIND

2007-12-30 Thread Maxim Khitrov
On Dec 28, 2007 11:28 AM, Rob <[EMAIL PROTECTED]> wrote: > Kevin Kinsey wrote: > > Just a question, and I'm not trying to cast doubt on your plan; I'm > > curious why using BIND for this purpose instead of a proxy, which is > > a more typical application as I understand it? > > I was trying to do s

Re: Blocking undesirable domains using BIND

2007-12-28 Thread Erich Dollansky
Hi, the guys seem to have some humour: Linux/Unix/Mac OSX Remove the extension and save this to your /etc directory. Considering unix is a server-based OS with a complex permission structure you'll probably want to just append your hosts file instead of overwriting it. OSX can use the host

Re: Blocking undesirable domains using BIND

2007-12-28 Thread Rob
Kevin Kinsey wrote: Just a question, and I'm not trying to cast doubt on your plan; I'm curious why using BIND for this purpose instead of a proxy, which is a more typical application as I understand it? I was trying to do something similar. I didn't research too hard, but figured the only wa

Re: Blocking undesirable domains using BIND

2007-12-28 Thread Darren Spruell
On Dec 28, 2007 8:49 AM, Kevin Kinsey <[EMAIL PROTECTED]> wrote: > Olivier Nicole wrote: > >> Again, I'm not trying to convince you otherwise or say that using > >> BIND is a bad idea. It's just that I'm curious because we use > >> Squid for this sort of thing, and I was wondering why BIND instead

Re: Blocking undesirable domains using BIND

2007-12-28 Thread Kevin Kinsey
Olivier Nicole wrote: Again, I'm not trying to convince you otherwise or say that using BIND is a bad idea. It's just that I'm curious because we use Squid for this sort of thing, and I was wondering why BIND instead? I think another issue is that Squid will only filter HTTP/FTP connections, w

Re: Blocking undesirable domains using BIND

2007-12-27 Thread Olivier Nicole
> Again, I'm not trying to convince you otherwise or say that using > BIND is a bad idea. It's just that I'm curious because we use > Squid for this sort of thing, and I was wondering why BIND instead? I think another issue is that Squid will only filter HTTP/FTP connections, while DNS would allo

Re: Blocking undesirable domains using BIND

2007-12-27 Thread Maxim Khitrov
On Dec 27, 2007 4:27 PM, Schiz0 <[EMAIL PROTECTED]> wrote: > > On Dec 27, 2007 3:46 PM, Maxim Khitrov <[EMAIL PROTECTED]> wrote: > > Hello, > > > > I'm currently setting up a new firewall for my home network using > > FreeBSD 7. The firewall will also act as our local name server > > (authoritative

Re: Blocking undesirable domains using BIND

2007-12-27 Thread Maxim Khitrov
On Dec 27, 2007 7:16 PM, Kevin Kinsey <[EMAIL PROTECTED]> wrote: > Maxim Khitrov wrote: > > Hello, > > > > I'm currently setting up a new firewall for my home network using > > FreeBSD 7. The firewall will also act as our local name server > > (authoritative for the local domain, and caching for ev

Re: Blocking undesirable domains using BIND

2007-12-27 Thread Erich Dollansky
Hi, Olivier Nicole wrote: Has bind a visible advantage in the response time? Maybe not in response time, but certainly in centralisation: you only maintain one DNS instead of every machine. this is obvious to me too. I would not like to use bind for filtering except in larger organisations.

Re: Blocking undesirable domains using BIND

2007-12-27 Thread Olivier Nicole
> Has bind a visible advantage in the response time? Maybe not in response time, but certainly in centralisation: you only maintain one DNS instead of every machine. Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman

Re: Blocking undesirable domains using BIND

2007-12-27 Thread Erich Dollansky
Hi, I use hosts to block unwanted content but on per machine base. I use currentlu this as a starting point and add private preferences to hosts. http://www.mvps.org/winhelp2002/hosts.txt Has bind a visible advantage in the response time? Erich Maxim Khitrov wrote: Hello, I'm currently s

Re: Blocking undesirable domains using BIND

2007-12-27 Thread Kevin Kinsey
Maxim Khitrov wrote: Hello, I'm currently setting up a new firewall for my home network using FreeBSD 7. The firewall will also act as our local name server (authoritative for the local domain, and caching for everything else). One of the things I'd like to do with it is use BIND to block variou

Re: Blocking undesirable domains using BIND

2007-12-27 Thread Mark D. Foster
Maxim Khitrov wrote: > into a BIND config file myself. Just need good sources. What are your > recommendations? > I keep a small but potent list of undesirables as described here... http://mark.foster.cc/wiki/index.php/Trackers -- Said one park ranger, 'There is considerable overlap between th

Re: Blocking undesirable domains using BIND

2007-12-27 Thread Darren Spruell
On Dec 27, 2007 1:46 PM, Maxim Khitrov <[EMAIL PROTECTED]> wrote: > Hello, > > I'm currently setting up a new firewall for my home network using > FreeBSD 7. The firewall will also act as our local name server > (authoritative for the local domain, and caching for everything else). > One of the thi

Re: Blocking undesirable domains using BIND

2007-12-27 Thread Schiz0
On Dec 27, 2007 3:46 PM, Maxim Khitrov <[EMAIL PROTECTED]> wrote: > Hello, > > I'm currently setting up a new firewall for my home network using > FreeBSD 7. The firewall will also act as our local name server > (authoritative for the local domain, and caching for everything else). > One of the thi

Blocking undesirable domains using BIND

2007-12-27 Thread Maxim Khitrov
Hello, I'm currently setting up a new firewall for my home network using FreeBSD 7. The firewall will also act as our local name server (authoritative for the local domain, and caching for everything else). One of the things I'd like to do with it is use BIND to block various undesirable domains (