how to filter hundreds of domains?
Barry S. Finkel
bsfinkel at att.net
Thu Aug 30 16:24:53 UTC 2012
Rick Coloccia<coloccia at geneseo.edu> wrote:
>add this line to /etc/named.conf
>
>include "locallyblockeddomains.zones";
>
>
>contents of locallyblockeddomains.zones:
>
>// This bind zone is intended to be included in a running dns server for a local net
>//
>// It will return a 127.0.0.1 for the domains listed as malware
>//
>// This is for locally determined domains we want blocked
>//
>//
>zone "r.im" {type master; file "/etc/namedb/blockeddomain.hosts";};
><snipped many more out>
>zone "emailupgrader.clan.su" {type master;file "/etc/named/blockeddomain.hosts";};
>
>
>
>
>this is the /etc/namedb/blockeddomain.hosts file:
>
>$TTL 86400 ; one day
>
>@ IN SOA ns1.geneseo.edu. coloccia.geneseo.edu. (
> 2007112601 ; serial
> 28800 ; refresh 8 hours
> 7200 ; retry 2 hours
> 864000 ; expire 10 days
> 86400 ) ; min ttl 1 day
>
> IN NS ns1.geneseo.edu.
> A 127.0.0.1
>* IN A 127.0.0.1
>* IN AAAA ::1
>; This zone will kill all traffic to a listed domain
>
>
>
>
>Done.
>
>Add domains you want blocked to the locallyblockeddomains.zones file.
In my previous job, the cyber-security created a list of domains
from various sources. They tested the file on a test BIND server
before loading the file into the AFS shared file system. I had a cron
on my DNS servers that ran every 10 minutes that checked for a new file,
and if it saw one, it copied the file to the local disk and ran "rndc"
to reload the new config file.
--Barry Finkel
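
The cron pickup described in the reply above, as an added example (not the script from the post, and not part of the original thread). The function name, the paths in the crontab comment, and the choice of named-checkconf and "rndc reconfig" as the validate and reload steps are assumptions.

```sh
#!/bin/sh
# Added example: cron-driven pickup of a shared blocklist include file.
# Assumptions (not from the post): function name, paths, and the use of
# named-checkconf / "rndc reconfig" as the validate and reload steps.

# Overridable so the logic can be exercised without a running named.
CHECK_CMD=${CHECK_CMD:-named-checkconf}   # syntax-checks a named.conf file
RELOAD_CMD=${RELOAD_CMD:-rndc reconfig}   # re-reads named.conf, loads new zones

# sync_blocklist SRC DST
# returns 0 = new file installed and named told to reload
#         1 = nothing to do (DST already matches SRC)
#         2 = SRC missing/empty, validation failed, or reload failed
sync_blocklist() {
    src=$1 dst=$2
    [ -s "$src" ] || return 2                     # missing or empty: keep current list
    cmp -s "$src" "$dst" 2>/dev/null && return 1  # unchanged since last run

    # Stage next to DST so the final mv is an atomic rename on one filesystem.
    tmp=$(mktemp "$dst.XXXXXX") || return 2
    if ! cp "$src" "$tmp" || ! $CHECK_CMD "$tmp" >/dev/null 2>&1; then
        rm -f "$tmp"                              # reject it; the old list stays live
        return 2
    fi
    chmod 644 "$tmp"                              # mktemp creates 0600; named must read it
    mv "$tmp" "$dst" || { rm -f "$tmp"; return 2; }
    $RELOAD_CMD >/dev/null 2>&1 || return 2
    return 0
}

# Constructed crontab entry (every 10 minutes, as in the post):
# */10 * * * * /usr/local/sbin/sync-blocklist.sh /afs/example.org/dns/locallyblockeddomains.zones /etc/namedb/locallyblockeddomains.zones
if [ "$#" -eq 2 ]; then
    sync_blocklist "$1" "$2"
fi
```

Checking the staged copy before the rename means a truncated or malformed file from the share never replaces the list named is already serving.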