Rick Coloccia<coloc...@geneseo.edu> wrote:
add this line to /etc/named.conf
include "locallyblockeddomains.zones";
contents of locallyblockeddomains.zones:
// This bind zone is intended to be included in a running dns server f
a local net
//
// It will return a 127.0.0.1 for the domains listed as malware
//
// This is for locally determined domains we want blocked
//
//
zone "r.im" {type master; file "/etc/namedb/blockeddomain.hosts";};
<snipped many more out>
zone "emailupgrader.clan.su" {type master;file
"/etc/named/blockeddomain.hosts";};
this is the /etc/namedb/blockeddomain.hosts file:
$TTL 86400 ; one day
@ IN SOA ns1.geneseo.edu coloccia.geneseo.edu (
2007112601 ; serial
28800 ; refresh 8 hours
7200 ; retry 2 hours
864000 ; expire 10 days
86400 ) ; min ttl 1 day
IN NS ns1.geneseo.edu.
A 127.0.0.1
* IN A 127.0.0.1
* IN AAAA ::1
; This zone will kill all traffic to a listed domain
Done.
Add domains you want blocked to the locallyblockeddomains.zones file.
In my previous job, the cyber-security created a list of domains
from various sources. They tested the file on a test BIND server
before loading the file into the AFS shared file system. I had a cron
on my DNS servers that ran every 10 minutes that checked for a new file,
and if it saw one, it copied the file to the local disk and ran "rndc"
to reload the new config file.
--Barry Finkel
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users