Any way to cache large /etc/hosts files?

Yuri yuri at rawbw.com
Sat Aug 6 20:16:22 UTC 2016


On 08/05/2016 11:45, Charles Swiger wrote:
>
> Take a look into DNS RPZ, aka DNS blacklisting (the common use case):
>
> https://dnsrpz.info
>
> Recent versions of ISC BIND support this....


Charles,


Thanks for the DNS RPZ reference, it should work.


However, a simpler solution along the lines of nsswitch.conf/nscd could 
also be of value. It is be possible to create a program that would load 
the list of "bad" domains directly into nscd. However, it looks like 
/var/run/nscd socket is only accessible through the private functions in 
libc. I couldn't find any python binding for example. Maybe it makes 
sense to create such binding.


Yuri



More information about the freebsd-questions mailing list