how to filter hundreds of domains?
Kevin Darcy
kcd at chrysler.com
Thu Aug 30 21:48:58 UTC 2012
On 8/30/2012 10:33 AM, Rick Coloccia wrote:
> add this line to /etc/named.conf
>
> include "locallyblockeddomains.zones";
>
> contents of locallyblockeddomains.zones:
>
> // This bind zone is intended to be included in a running dns server for a local net
> //
> // It will return a 127.0.0.1 for the domains listed as malware
> //
> // This is for locally determined domains we want blocked
> //
> zone "r.im" {type master; file "/etc/namedb/blockeddomain.hosts";};
> <snipped many more out>
> zone "emailupgrader.clan.su" {type master; file "/etc/namedb/blockeddomain.hosts";};
>
> this is the /etc/namedb/blockeddomain.hosts file:
>
> $TTL 86400 ; one day
>
> @ IN SOA ns1.geneseo.edu. coloccia.geneseo.edu. (
>         2007112601 ; serial
>         28800      ; refresh 8 hours
>         7200       ; retry 2 hours
>         864000     ; expire 10 days
>         86400 )    ; min ttl 1 day
>
>   IN NS ns1.geneseo.edu.
>   IN A 127.0.0.1
> * IN A 127.0.0.1
> * IN AAAA ::1
> ; This zone will kill all traffic to a listed domain
>
> Done.
>
> Add domains you want blocked to the locallyblockeddomains.zones file.
The null or "unspecified" address -- "0.0.0.0" in IPv4, "::" in IPv6 --
is generally considered the more polite and "proper" way to express
"don't ever try to connect to this".
If you put a loopback address in there, a poorly-coded app might end up
spinning, connecting to itself. But the unspecified address gets stopped
cold at the OS level so it's the preferred choice.
- Kevin
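An added example, not from either poster: it generates the include file from a plain list of domains, keeping Rick's one-zone-per-domain layout but answering with the unspecified addresses Kevin recommends instead of loopback. The zone-file path, the nameserver and hostmaster names and the sample domain list are assumptions.

```python
"""Generate a BIND include file that sinkholes a list of domains.

One 'type master' zone per blocked domain, all sharing a single sinkhole
zone file that answers 0.0.0.0 / :: for every name.
"""
import re

ZONE_FILE = "/etc/namedb/blockeddomain.hosts"   # assumed path
# one DNS label: letters, digits, hyphens; no leading/trailing hyphen
LABEL = re.compile(r"^[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$")


def normalize(domain):
    """Return a lowercase, dotless domain, or None for blanks, comments, bad names."""
    d = domain.strip().lower().rstrip(".")
    if not d or d.startswith("#"):
        return None
    labels = d.split(".")
    if len(labels) < 2 or any(not LABEL.match(l) for l in labels):
        return None
    return d


def build_zones_include(domains, zone_file=ZONE_FILE):
    """One zone statement per blocked domain, duplicates dropped, sorted."""
    seen = {d for d in (normalize(raw) for raw in domains) if d}
    lines = ["// generated: locally blocked domains, sinkholed to 0.0.0.0 / ::"]
    for d in sorted(seen):
        lines.append('zone "%s" { type master; file "%s"; };' % (d, zone_file))
    return "\n".join(lines) + "\n"


def build_sinkhole_zone(primary_ns, hostmaster, serial):
    """Shared zone file: apex and every subdomain resolve to the unspecified address."""
    return (
        "$TTL 86400\n"
        "@ IN SOA %s. %s. ( %d 28800 7200 864000 86400 )\n"
        "  IN NS %s.\n"
        "  IN A 0.0.0.0\n"
        "  IN AAAA ::\n"
        "* IN A 0.0.0.0\n"
        "* IN AAAA ::\n"
    ) % (primary_ns, hostmaster, serial, primary_ns)


if __name__ == "__main__":
    # constructed sample; in practice read one domain per line from a file
    sample = ["r.im", "emailupgrader.clan.su", "R.IM.", "# a comment", ""]
    print(build_zones_include(sample))
    print(build_sinkhole_zone("ns1.example.net", "hostmaster.example.net", 2012083001))
```

Run named-checkconf on the include and named-checkzone on the generated zone file before reloading named.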