Any way to cache large /etc/hosts files?
yuri at rawbw.com
Sat Aug 6 20:16:22 UTC 2016
On 08/05/2016 11:45, Charles Swiger wrote:
> Take a look into DNS RPZ, aka DNS blacklisting (the common use case):
> Recent versions of ISC BIND support this....
Thanks for the DNS RPZ reference, it should work.
However, a simpler solution along the lines of nsswitch.conf/nscd could
also be of value. It is be possible to create a program that would load
the list of "bad" domains directly into nscd. However, it looks like
/var/run/nscd socket is only accessible through the private functions in
libc. I couldn't find any python binding for example. Maybe it makes
sense to create such binding.
More information about the freebsd-questions