FreeBSD router (IPFW-based): how to block an URL (all IPs of an
A-like HOSTNAME)
Gary Gatten
Ggatten at waddell.com
Thu Jun 17 21:08:19 UTC 2010
What about an entry in your local DNS (what your hosts use) that gives a bogus IP (127.0.0.1?) for *.badhost.com? Then users can never connect to badhost.com.
I don't know too many FWs that allow you to use a URL in a rule. IIRC, CheckPoint-FW1 did/does, but they recommend against it due to overhead.
As pointed out, Squid or other lightweight white/blacklist thingy might be in order.
----- Original Message -----
From: owner-freebsd-questions at freebsd.org <owner-freebsd-questions at freebsd.org>
To: freebsd-questions at freebsd.org <freebsd-questions at freebsd.org>
Sent: Thu Jun 17 15:56:23 2010
Subject: Re: FreeBSD router (IPFW-based): how to block an URL (all IPs of an A-like HOSTNAME)
OK, very simply put:
To do this without shell scripting, but this could avoid filtering future IP addresses:
1. DIG HOSTNAMEs and add ipfw block rules for those IPs
2. DIG HOSTNAMEs and add a null rule
To block all *.hostname and future IP addresses of any of *.hostname, a shell script must be written that analyzes all requests [I have no idea how to execute a shell script LIVE!!! Any ideas on this topic?].
--- On Thu, 6/17/10, Bernt Hansson <bernt at bah.homeip.net> wrote:
From: Bernt Hansson <bernt at bah.homeip.net>
Subject: Re: FreeBSD router (IPFW-based): how to block an URL (all IPs of an A-like HOSTNAME)
To: "Valerian Galeru" <valerian_ro at yahoo.com>
Cc: freebsd-questions at freebsd.org
Date: Thursday, June 17, 2010, 11:47 PM
Valerian Galeru said the following on 2010-06-17 22:01:
> Hello,
>
> Does anyone have any ideas how to block all requests using an IPFW-based router
> (FreeBSD 6.4) to and from a HOSTNAME (which has more DNS A entries) or better, from any *.HOSTNAME.COM ????
Do a whois hostname.com, taking note of their IP address range. Then, for ipf, put this in your rules file.
### EXAMPLE ###
block in quick on fxp0 from 192.168.0.0/16 to any
block out quick on fxp0 from any to 192.168.0.0/16
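
Added example, not part of the original thread: the "dig the hostnames and add ipfw block rules" step discussed above, written as a /bin/sh script that can be re-run from cron so that changed A records are picked up. Table number 10, the rule numbers in the comments and the name badhost.com are assumptions; the script covers only the names it is given, not every *.hostname.

```sh
#!/bin/sh
# Refresh an ipfw lookup table from the current A records of blocked names.
# Assumptions: table 10 is unused; dig(1) is installed; names are passed as arguments.

TABLE=10

# Keep only well-formed, de-duplicated IPv4 addresses from resolver output on stdin.
# `dig +short` also prints CNAME targets, which must never reach ipfw.
extract_ipv4() {
    awk -F. 'NF == 4 {
        ok = 1
        for (i = 1; i <= 4; i++)
            if ($i !~ /^[0-9]+$/ || $i > 255) ok = 0
        if (ok && !seen[$0]++) print
    }'
}

# Print the ipfw commands that replace the table with the addresses on stdin.
# Returns 1 without printing anything when no address was resolved, so a DNS
# outage does not flush the existing block list.
table_cmds() {
    addrs=$(extract_ipv4)
    [ -n "$addrs" ] || return 1
    echo "ipfw table $TABLE flush"
    for a in $addrs; do
        echo "ipfw table $TABLE add $a/32"
    done
}

# Print the A records (and any CNAME targets) of every name given.
resolve() {
    for name in "$@"; do
        dig +short A "$name"
    done
}

# One-time rules that reference the table (rule numbers are assumptions):
#   ipfw add 1000 deny ip from any to 'table(10)'
#   ipfw add 1001 deny ip from 'table(10)' to any
# Usage: sh blockhost.sh badhost.com www.badhost.com        (prints the commands)
#        sh blockhost.sh badhost.com www.badhost.com | sh   (applies them, as root)
if [ "$#" -gt 0 ]; then
    resolve "$@" | table_cmds
fi
```

The table is flushed before it is refilled, so there is a short window during each refresh in which the addresses are not blocked.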