Blocking undesirable domains using BIND

Maxim Khitrov mkhitrov at
Thu Dec 27 12:46:18 PST 2007


I'm currently setting up a new firewall for my home network using
FreeBSD 7. The firewall will also act as our local name server
(authoritative for the local domain, and caching for everything else).
One of the things I'd like to do with it is use BIND to block various
undesirable domains (ad servers, malicious sites, etc.). The plan is
to have a separate BIND config file which is included in the main one.
In that file I map all the blocked domains to either the empty zone or
perhaps my local web server that's just serving a blank page for any
request. Haven't decided which way is better yet. This file is updated
periodically (once a week maybe) and BIND is then told to reload the
config. That's the plan as it stands now; eventually I hope to add a
web interface to the system for adding and removing blocked domains.

My question for you guys is if you know any _reliable_ sources for getting
that list of domains in the first place? I currently use the hosts
file on all my machines, which is about 2MB in size and hasn't been
updated in several years. I'll definitely import all of those entries
myself, but it would be good if I could periodically pull an updated
list from somewhere else. The following site has a pretty decent
collection of ad servers, though it's a bit short compared to what I
already have: It even provides the
list in a BIND format, meaning that I don't need to do any additional
processing with it. Just fetch the page and reload BIND. This,
however, is not one of my requirements. I'm perfectly happy getting
just a list of the domains (in any format), and then processing them
into a BIND config file myself. Just need good sources. What are your

- Max
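
Added example, not part of the original post: one way to turn a hosts-format blocklist into the BIND include file the message describes, with every blocked name pointed at a single shared zone file. The zone file path master/blocked.db, the set of sink addresses and the sample entries are assumptions made for illustration. Names are syntax-checked before being written, so a malformed entry in a downloaded list cannot inject named.conf syntax.

```python
import re

# Constructed sample input in hosts-file format (not a real blocklist).
SAMPLE_HOSTS = """\
# comment line
127.0.0.1   localhost
127.0.0.1   ads.example.com  tracker.example.net   # inline comment
0.0.0.0     ADS.Example.com.
0.0.0.0     bad_name!.example.org
0.0.0.0     evil.example.org";};options{
::1         localhost
0.0.0.0     banner.example.org
"""

# Only hosts entries that point at a sink address count as block entries.
SINKS = {"127.0.0.1", "0.0.0.0", "::", "::1"}
# Local names that hosts files commonly carry and that must stay resolvable.
SKIP = {"localhost.localdomain"}

# Letters, digits and hyphens only, at least two labels. Quotes, braces and
# semicolons can never match, so nothing can break out of the zone statement.
_LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
_VALID = re.compile(r"(?:%s\.)+%s" % (_LABEL, _LABEL))


def hosts_to_domains(text):
    """Return the sorted, de-duplicated, validated names found in hosts text."""
    domains = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2 or fields[0] not in SINKS:
            continue
        for name in fields[1:]:
            name = name.lower().rstrip(".")
            if len(name) <= 253 and _VALID.fullmatch(name) and name not in SKIP:
                domains.add(name)
    return sorted(domains)


def render_include(domains, zone_file="master/blocked.db"):
    """Render one master zone statement per name (zone_file is an assumed path)."""
    return "".join(
        'zone "%s" { type master; file "%s"; };\n' % (d, zone_file)
        for d in domains
    )


if __name__ == "__main__":
    print(render_include(hosts_to_domains(SAMPLE_HOSTS)), end="")
```

Running named-checkconf on the generated file before telling BIND to reload keeps a bad update from taking the name server down.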

More information about the freebsd-questions mailing list