Blocking undesirable domains using BIND
kdk at daleco.biz
Fri Dec 28 07:50:06 PST 2007
Olivier Nicole wrote:
>> Again, I'm not trying to convince you otherwise or say that using
>> BIND is a bad idea. It's just that I'm curious because we use
>> Squid for this sort of thing, and I was wondering why BIND instead?
> I think another issue is that Squid will only filter HTTP/FTP
> connections, while DNS would allow to filter any type of traffic that
> would try to go to places with a bad name.
In the absence of egress filtering on the firewall, that
would definitely be an advantage. Does anyone use BIND
for filtering in a small to medium business environment
then? How does it perform?
I trust the first lion he meets will do his duty.
-- J. P. Morgan on Teddy Roosevelt's safari
More information about the freebsd-questions