Any way to cache large /etc/hosts files?
Yuri
yuri at rawbw.com
Sat Aug 6 20:16:22 UTC 2016
On 08/05/2016 11:45, Charles Swiger wrote:
>
> Take a look into DNS RPZ, aka DNS blacklisting (the common use case):
>
> https://dnsrpz.info
>
> Recent versions of ISC BIND support this....
Charles,
Thanks for the DNS RPZ reference, it should work.
However, a simpler solution along the lines of nsswitch.conf/nscd could
also be of value. It is be possible to create a program that would load
the list of "bad" domains directly into nscd. However, it looks like
/var/run/nscd socket is only accessible through the private functions in
libc. I couldn't find any python binding for example. Maybe it makes
sense to create such binding.
Yuri
More information about the freebsd-questions
mailing list