On 2/9/2016 10:08 AM, Zenny wrote: > On 2/9/16, Tom Eastep <[email protected]> wrote: >> On 02/09/2016 07:31 AM, Zenny wrote: >>> Hi, >>> >>> Usually I add restricted URLs from lists like adaway to /etc/hosts >>> file to a client computer. >>> >>> But is there a way to implement all over a certain zone (usually LOC) >>> from the shorewall itself? >>> >> >> Check out http://www.shorewall.org/SplitDNS.html. > > > Thanks Tom for the pointer, but it requires dnsmasq to be installed. > My 3-interface shorewall is solely used as a firewall and router > without any dhcp. Is there a simpler way to achieve that like > appending the restricted domains to /etc/hosts in the shorewall > machine, but that didn't do as expected. >
I know of no simpler way. And installing and configuring dnsmasq is very simple. dmsmasq is a DHCP server AND/OR a *Name Server*. You want it to be the latter. It uses the gateway's /etc/hosts file and acts as a DNS server for your local machines. Simply configure your local machines to use the gateway as their DNS server or use DNS(REDIRECT) in your rules file to redirect their DNS queries to the gateway machine. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
