ho to filter hundeds of domains ?

Rick Coloccia coloccia at geneseo.edu
Thu Aug 30 14:33:00 UTC 2012 

add this line to /etc/named.conf

include "locallyblockeddomains.zones";


contents of locallyblockeddomains.zones:

// This bind zone is intended to be included in a running dns server for 
a local net
//
// It will return a 127.0.0.1 for the domains listed as malware
//
//  This is for locally determined domains we want blocked
//
//
zone "r.im"  {type master; file "/etc/namedb/blockeddomain.hosts";};
<snipped many more out>
zone "emailupgrader.clan.su" {type master;file 
"/etc/named/blockeddomain.hosts";};




this is the /etc/namedb/blockeddomain.hosts file:

$TTL    86400   ; one day

@       IN      SOA     ns1.geneseo.edu coloccia.geneseo.edu (
                         2007112601      ; serial
                         28800           ; refresh  8 hours
                         7200            ; retry    2 hours
                         864000          ; expire  10 days
                         86400 )         ; min ttl  1 day

                 IN      NS      ns1.geneseo.edu.
                 A       127.0.0.1
*               IN      A       127.0.0.1
*               IN      AAAA    ::1
; This zone will kill all traffic to a listed domain




Done.

Add domains you want blocked to the locallyblockeddomains.zones file.


-Rick





On 8/30/2012 10:28 AM, Russell Jones wrote:
>
> On 8/30/2012 8:46 AM, WBrown at e1b.org wrote:
>> Russell Jones wrote on 08/30/2012 09:39:17 AM:
>>
>>> Normal web filtering software that auto updates is a better
>>> approach. Using Bind with a manual list of domains to try to achieve
>>> this is like trying to kill an ant hill 1 ant at a time
>> There are several sources of RPZ data such as Spamhaus and SURBL.  Both
>> are respected sources of spam filtering data.
>>
>> (Disclosure: My employer subscribes to both for spam filtering, I 
>> have no
>> financial stake)
>
>
> Oh I know, I use spamhaus myself for spam filtering - catches a 
> ridiculous amount of spam. It is my understanding though the OP wants 
> to filter domains for NSFW web browsing, not spam - specifically 
> gambling sites.
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to 
> unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

-- 
Rick Coloccia, Jr.
Network Manager
State University of NY College at Geneseo
1 College Circle, 119 South Hall
Geneseo, NY 14454
V: 585-245-5577
F: 585-245-5579

More information about the bind-users mailing list