Re: FreeBSD router (IPFW-based): how to block an URL (all IPs of an A-like HOSTNAME)

Thu, 17 Jun 2010 14:08:38 -0700 

What about an entry in your local DNS (what your hosts use) that gives a bogus 
ip (127.0.0.1?) for *.badhost.com?  Then users can never connect to 
badhost.com. 

I don't know too many FW's that allow you to use a URL in a rule.  IIRC, 
CheckPoint-FW1 did/does, but they recommend against it due to overhead.

As pointed out, Squid or other light weight white/blacklist thingy might be in 
order.

----- Original Message -----
From: owner-freebsd-questi...@freebsd.org <owner-freebsd-questi...@freebsd.org>
To: freebsd-questions@freebsd.org <freebsd-questions@freebsd.org>
Sent: Thu Jun 17 15:56:23 2010
Subject: Re: FreeBSD router (IPFW-based): how to block an URL (all IPs of an    
A-like HOSTNAME)

Ok, very simple put:

To do this without shell scripting, but this could avoid filter future IP 
addresses:
1. DIG HOSTNAMEs and add ipfw block rules for those IPs
2. DIG HOSTNAMEs and add a null rule

To block all *.hostname and future IP addresses of any of *.hostname, there 
must be written a shell script, that analyzes all requests [have no idea how to 
execute a shell script LIVE!!!, any idea on this topic?].

--- On Thu, 6/17/10, Bernt Hansson <be...@bah.homeip.net> wrote:

From: Bernt Hansson <be...@bah.homeip.net>
Subject: Re: FreeBSD router (IPFW-based): how to block an URL (all IPs of an 
A-like HOSTNAME)
To: "Valerian Galeru" <valerian...@yahoo.com>
Cc: freebsd-questions@freebsd.org
Date: Thursday, June 17, 2010, 11:47 PM

Valerian Galeru said the following on 2010-06-17 22:01:
> Hello,
> 
> Does anyone have any ideas how to block all requests using an IPFW-based 
> router
> (FreeBSD 6.4) to and from a HOSTNAME (which has more DNS A entries) or 
> better, from any *.HOSTNAME.COM ????

Do a whois hostname.com taking note of their ip-address range. Then, for ipf, 
put this in your rules file.

### EXAMPLE ###

block in quick on fxp0 from 192.168.0.0/16 to any
block out quick on fxp0 from any to 192.168.0.0/16



      
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Reply via email to