On 16 September 2015 at 19:06, Johnny Billquist <[email protected]> wrote:
> On 2015-09-16 19:09, Ottavio Caruso wrote:
>>
>> RE: http://mail-index.netbsd.org/netbsd-users/2014/04/27/msg014543.html
>>
>> I put domains that I want to block in /etc/hosts preceded by 0.0.0.0
>> but I can still ping them.
>>
>> I rebooted, but I can still ping them.
>>
>> Then I have mass-changed all entries from 0.0.0.0 to 127.0.0.1 and I
>> can still ping them.
>>
>> Rebooted, same thing.
>>
>> Why can I do this effortlessly with Windows and Linux but not with NetBSD?
>
>
> First of all, using /etc/hosts as a way of blocking domains is extremely
> unreliable and not really a meaningful way of actually blocking anything.

Why? It works on other platforms?

>
> Second, I guess you haven't heard of /etc/nsswitch.conf. It also exists in
> Linux. It tells which methods are used, and in which order. It might be that
> you have dns before files.

I've checked my nsswitch.conf, it's files before hosts

>
> Changing a destination to 127.0.0.1, and then pinging it, why would you
> expect it to not work? 127.0.0.1 will most likely respond to pings.
> Pinging 0.0.0.0 will also give some result. Most probably your default
> gateway machine.

Yes, I didn't express myself correctly. I meant that I ping the
original host, not 127.0.0.1.

BTW, rebooting TWICE produced the intended result. I wonder why I had
to reboot twice.

>
> Maybe you should try and learn about /etc/hosts.deny as well as ipfilters?

But again, why? If I have a list of 300 domains to block, this would
not be practicable.

--
Ottavio
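
The two checks discussed in this thread (which source the `hosts:` line of /etc/nsswitch.conf consults first, and which address /etc/hosts assigns to a name), as an added example that is not part of the original messages. The function names, the sample files and the example.test hostnames are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the thread. File paths are arguments so the checks
# can run on constructed samples; on a real host pass /etc/nsswitch.conf and /etc/hosts.

# First lookup source ("files" or "dns") named on the hosts: line.
first_hosts_source() {
    awk '{ sub(/#.*/, "") }
         $1 == "hosts:" { for (i = 2; i <= NF; i++)
                              if ($i == "files" || $i == "dns") { print $i; exit } }' "$1"
}

# Address that the hosts file assigns to NAME (first matching line wins).
hosts_file_addr() {
    awk -v name="$2" '{ sub(/#.*/, "") }
         NF >= 2 { for (i = 2; i <= NF; i++)
                       if (tolower($i) == tolower(name)) { print $1; exit } }' "$1"
}

# check_block NSSWITCH HOSTS NAME -> overridden | dns-first | not-sinkholed
check_block() {
    case "$(hosts_file_addr "$2" "$3")" in
        0.0.0.0|127.0.0.1) ;;
        *) echo "not-sinkholed"; return 0 ;;
    esac
    if [ "$(first_hosts_source "$1")" = "files" ]; then
        echo "overridden"
    else
        echo "dns-first"
    fi
}

# Constructed sample files (hypothetical names under example.test).
make_samples() {
    printf '%s\n' '# constructed sample' 'passwd: files' 'hosts: files dns' > "$1/nss.files-first"
    printf '%s\n' 'hosts: dns files   # dns consulted first' > "$1/nss.dns-first"
    printf '%s\n' '127.0.0.1 localhost' \
        '0.0.0.0 ads.example.test tracker.example.test' \
        '#0.0.0.0 disabled.example.test' > "$1/hosts"
}

dir=$(mktemp -d) && make_samples "$dir"
for n in ads.example.test disabled.example.test; do
    echo "$n: $(check_block "$dir/nss.files-first" "$dir/hosts" "$n")"
done
```

These checks cover only the configuration that the system resolver reads; a program that resolves names itself or connects by IP address does not consult /etc/hosts.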
