Blocking undesirable domains using BIND
bitabyss at gmail.com
Fri Dec 28 08:28:51 PST 2007
Kevin Kinsey wrote:
> Just a question, and I'm not trying to cast doubt on your plan; I'm
> curious why using BIND for this purpose instead of a proxy, which is
> a more typical application as I understand it?
I was trying to do something similar. I didn't research too hard, but figured the only way to use Bind would be to make my server authoritative for all those domains, which meant a huge config file and potential overhead, as well as
possibly breaking access to desirable servers in the domains.
So hosts seemed easier, but apparently Bind never looks at hosts. I did find that Squid (which I already had installed and in limited use) has its own DNS resolver, and it does look at hosts first before going to the nameserver.
Then I found this site: http://everythingisnt.com/hosts.html and put their list in hosts, and now client PCs get a squid error in place of ad junk. Works ok for me ;)
More information about the freebsd-questions