Fri, 2002-03-08 at 02:38, Ted Fines wrote:

> You don't need iptables to do this.  Just run a BIND 9 server on whatever 
> interface(s) you want control over.  You can tell your BIND server it is 
> authoritative for certain domains, and give it the ip address of that 
> domain.  Then when the users access www.yourdomainhere.com, or 
> *.yourdomainhere.com, they'll just go to the ip address you specified, 
> which could easily be an Apache server with a page saying 'Access to this 
> domain has been denied blah blah blah'.

1: You can tell your DNS server that it is authoritative for any domains
you want, but since DNS is hierarchical, the rest of the Internet won't
take a blind bit of notice of it, unless your local DNS registration
authority sanctions it ("I want to be authoritative for Microsoft.com".
"You can't, because Microsoft has the right to authorization for
Microsoft.com").

2: You cannot filter out access from given domains to other domains with
a DNS server.

Tony

-- 

Tony Earnshaw

e-mail:         [EMAIL PROTECTED]
www:            http://www.billy.demon.nl
www:            http://tony_earnshaw.freelancers.net

Telephone:      (+31) (0)172 530428
Mobile:         (+31) (0)6 51153356

GPG/PGP Fingerprint: 3924 6BF8 A755 DE1A 4AD6  FA2B F7D7 6051 3BE7 B981
