Re: performance impact of large /etc/hosts files
On Mon, 24 Dec 2007 23:49:53 -0800 (PST) RSean [EMAIL PROTECTED] wrote: Hi guys, Just curious if anyone has tried regular expressions to handle ads and banners. That's what adzap and similar squid filters do. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
Hi guys, Just curious if anyone has tried regular expressions to handle ads and banners. We have a small network of about 10 users. We use SafeSquid as proxy and content filter. It supports the use of regex for defining rules. The URL Filter section has 2 default rules for blocking ads and banners - Hosts: (^ad(|s|v|server)\.|adtag\.|targetsearches.com|webconnect.net|imgis.com|atwola.com|fastclick.net|abz.com|tribalfusion.com|advertising.com|atdmt.com|sp inbox\.(com|net)|linkexchange.com|hitbox.com|doubleclick.net|valueclick.com|click2net.com|mediaplex.com|247media.com|clickagents.com|adbutler.com|qkim g.net|realmedia.com|us.a1.yimg.com|clickheretofind.com|images.cybereps.com|adbureau.net|sfads.osdn.com|adflow.com|adprofs.com|zedo.com|digitalmedianet .com|ad-flow.com|/adsync/|adtech.de|netdirect.nl|rcm-images.amazon.com|pamedia.com|msads.net|valuead.com|smartadserver.com|thisbanner.com|aaddzz.com|s cripps.com|ru4.com|adtrix.net|falkag.net) File: (/adimages/|/banner(|s)/|/ad(|s|v|(|_)banner(|s))/|/adx/|/sponsors/|/advert(ising|s|)/|/adcycle/|/track/|/promo/|/adspace/|/admentor/|/image\.ng/|/ajr otator/|/adview.php|/clickthru|/affiliates|banmat(\.cgi|.\.cgi)|/adproof/|/bannerfarm/|/BannerAds/|/banner_|sponsorid|/servfu.pl|/RealMedia/|/adsync/| _ad_|/adceptdelivery.cgi) I am not a very technical person, but the first rule, I think, is a regex that defines hosts that serve ads; while the second rule is a regex for words that the file part of a url may contain. These rules very efficiently block ads and banners at the gateway, saving b/w and improving surfing experience. Just thought I should mention this. Cheers! -- View this message in context: http://www.nabble.com/performance-impact-of-large--etc-hosts-files-tp14267018p14493715.html Sent from the freebsd-questions mailing list archive at Nabble.com. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
Hi, Nikos Vassiliadis wrote: On Wednesday 12 December 2007 04:06:01 Erich Dollansky wrote: There's no clean solutions to getting different lookups per-user that Both ipfw and pf support tables, which is what you I would like to avoid having a fire wall running on each machine. Out of curiosity, how big your hosts file is? It is above 600KB since I included also the information I found on sites like this: http://www.mvps.org/winhelp2002/hosts.htm Since I joined my private file with this one http://www.mvps.org/winhelp2002/hosts.txt it grew to the mentioned 600KB from below 10KB. If you still see unwanted content, just add a line and it will be gone during your next visit. The beauty is, Internet feels still faster then before. It has one advantage over all those ad removal tools. It filters what I do not like. It has nothing to do with censorship, it just gets rid of all the crap hanging around on every corner of a web page trying to sell you anti virus software or larger dicks. Erich ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
On Wednesday 12 December 2007 10:05:28 Erich Dollansky wrote: The beauty is, Internet feels still faster then before. It has one advantage over all those ad removal tools. It filters what I do not like. It has nothing to do with censorship, it just gets rid of all the crap hanging around on every corner of a web page trying to sell you anti virus software or larger dicks. I'll give it a try. It may be helpful for my lossy-56Kbps-modem internet-experience at home! Nikos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
Nikos Vassiliadis wrote: On Wednesday 12 December 2007 04:06:01 Erich Dollansky wrote: There's no clean solutions to getting different lookups per-user that I The clen solution is hosts. But hosts is operating system-wide. Both ipfw and pf support tables, which is what you want, large sets or unrelated (addresses|networks). Both of them support UID matching as a target (caution: this feature is not mpsafe on FreeBSD-6). I don't understand how you think any firewall would do this. Firewalls will block based on IP addresses, whereas what I do (pointing numerous ad sites at a local apache vhost) works based on names. I have no clue if the ad sites share IP addresses with anything else, nor do I care; nor do I care if some ad site has 50 different IP addresses because I never resolve the real IP. To take a random, made up example: ads.useful.site = 10.1.1.1 www.useful.site = 10.1.1.1 Using hosts (or DNS) I can make ads.useful.site instead = 192.168.1.1 or ads.useful.site = 101.1.1 - 10.1.1.255 but I'm going to spend *forever* before I get all those IP addresses from a round-robin DNS entry to put into some ipfw table, and if any of those addresses also hosts the main site, I end up blocking that too. I don't see how a firewall is appropriate for this (hosts.allow, likewise). The point of the exercise is to never even contact the ad host. If I've misunderstood something about your approach, please enlighten me. --Alex ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
Heiko Wundram (Beenic) wrote: Am Mittwoch, 12. Dezember 2007 13:01:14 schrieb Alex Zbyslaw: snip explanation I don't see how a firewall is appropriate for this (hosts.allow, likewise). The point of the exercise is to never even contact the ad host. Transparent proxy with squid on the firewall? There's even plugins to manage exactly this kind of ad-blocking with squid; although I don't currently know the extension's name. This is pretty much going to be your only option to do this in a centralized fashion. Squid may well be an alternative solution, but it's not, imho, a firewall solution as Nikos was proposing. I have zero experience of squid beyond reading about it, but it has always sounded like a major resource hog. Perhaps just running one plugin to do just this would be OK? The advantage of /etc/hosts is simplicity. For a small home network of BSD machines it's pretty trivial to propagate updates. Not even *that* hard to copy the file to a couple windows machines. Beyond that, the updates could get pretty tedious. For a network-wide, multi-OS solution I would still look at DNS just because it's more lightweight than squid. Which is not to say that someone else shouldn't reach an alternate conclusion :-) Always good to know what the alternatives are! Best, --Alex ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
Am Mittwoch, 12. Dezember 2007 13:01:14 schrieb Alex Zbyslaw: snip explanation I don't see how a firewall is appropriate for this (hosts.allow, likewise). The point of the exercise is to never even contact the ad host. Transparent proxy with squid on the firewall? There's even plugins to manage exactly this kind of ad-blocking with squid; although I don't currently know the extension's name. This is pretty much going to be your only option to do this in a centralized fashion. -- Heiko Wundram Product Application Development ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
Erich Dollansky wrote: Alex Zbyslaw wrote: Erich Dollansky wrote: Assuming I've understood your initial post correctly, then I do the same, redirecting some dozen ad sites to a local web server. With a this is how I started. Then friends did the same. We exchanged the files. We added hosts files from the Internet. dozen or so aliases I've never noticed any difference in performance, but I suspect you have rather more than that :-) I could never quite be I also do not notice a difference. Especially news sites with all the ads are even faster as there is no waiting for the ads. I'm pretty sure you could also do the same with a local DNS server, if This is what I am thinking of since some time but I never did. It would have the additional advantage of faster name resolution. Having a DNS on every machine seems like a real overkill to me. Why would you have DNS on every machine? I don't know what your setup is like, but any separate network (like your home, your office) would only need one(*) DNS server for the entire network. Of course, everyone then gets their ads blocked, not just you :-) No way to make it per-user that I can think of. But, you could run 1 DNS and only point hosts which wished to participate in the ad blocking at that DNS server and let others do their resolution however they normally do it (ISP DNS, company DNS). There's no clean solutions to getting different lookups per-user that I The clen solution is hosts. It's not per-user, which was what you originally asked. Unclean solutions might include something like making the hosts file This is something I would like to avoid. If you want different name resolution per user, then I see little alternative to something like this. I'm not even sure it's possible, to be honest, but then name resolution was never expected to be per user :-( --Alex Yes, you should probably have a second, slave DNS if your network is more than a couple of hosts. Setting up a DNS is not actually that hard. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
On Wednesday 12 December 2007 14:01:14 Alex Zbyslaw wrote: but I'm going to spend *forever* before I get all those IP addresses from a round-robin DNS entry to put into some ipfw table, No, it's going to take something like 5 minutes. At least for a 1420 lines hosts file. and if any of those addresses also hosts the main site, I end up blocking that too. Yes, but I doubt there is any other service on these web servers. I don't see how a firewall is appropriate for this (hosts.allow, likewise). The point of the exercise is to never even contact the ad host. The point of the exercise is not that apparent to everybody. If I've misunderstood something about your approach, please enlighten me. You misunderstood something, just because you and some people do it, does is it make it the legitimate usage of /etc/hosts? That's not the apparent usage of /etc/hosts to everyone. I said I need more info, and I tried to guess what he does. Please read the whole thread before trying to be that didactic! Cheers, Nikos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
Am Mittwoch, 12. Dezember 2007 13:38:59 schrieben Sie: I want to do precisely the opposite. It should affect only a single machine. It would even be better if it would affect only a single account on that machine. Affecting only a single machine/a single account has nothing to do with the fact that you manage and implement it centrally; the two concepts are orthogonal. Basically, this should come around to giving squid (from what I'd do in your case) different rule sets based on authentication to the proxy and/or originating IP in your internal network, which leads to different behaviour depending on the accessing person/program. Basically, why I personally rather like the squid (i.e., proxy-based) approach to ad-blocking is the fact that if you try to do this at a lower level than the HTTP-level, there's bound to be pages that display wrong/broken, simply because not being able to fetch images (because they supposedly come from localhost) means that most browsers are not going to display the space reserved to it and will mess up the page layout, even when specifying width= _and_ height= in an img-tag (when only specifying one of the attributes or none, the page layout will be broken anyway). Opera is my favourite candidate for messing up page layouts in this case. On another note, Opera has an (IMHO) huge timeout for failed (i.e., refused, not timed out) connections to the target host, and if many images refer to localhost through some DNS or hosts magic, this is going to majorly slow down page display/buildup on non-css based layouts, which sadly there still are enough out there (and for some of which the ad-slots are an integral part of the page layout, such as some german news sites). If you do the blocking at the topmost level (i.e., through squid or some other HTTP proxy), the proxy can generate an empty/transparent image with the appropriate proportions to fill the now void space, which the extension I referenced earlier will do automatically for you. This doesn't stop the connection to the ad host from happening (i.e., isn't a traffic saver, but who cares about that nowadays I'd say), but it does stop the end-user from seeing the ad (and/or its content). It even allows you more fine-grained control over which URLs to block, so that you don't have to filter by host specifically, but might also filter by directory (which is required at some sites, as the ads/unwanted content comes from the same host as the actual content you're interested in). It's a matter of choice how much duress you want the end-user to endure, basically, seeing that user-based discrimination on a proxy also requires authentication (unless you implement packet redirects on the end-user machines to different ports of the firewall depending on the user originating the outgoing packet, but this is just as bad to keep synchronized in the end). But, anyway, it would be my way to go to achieve what you're trying to do efficiently. Just my 5 (Euro)-cents. -- Heiko Wundram Product Application Development ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
On Wed, 12 Dec 2007 12:31:08 + Alex Zbyslaw [EMAIL PROTECTED] wrote: I have zero experience of squid beyond reading about it, but it has always sounded like a major resource hog. It depends how you use it. I think you can probably get it down to about 15 MB, if you eliminate memory caching and use a modest disk cache. Squid needs to store per object metadata in memory, about 10-20MB per GB of disk cache, and that's what leads to very large memory use. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
Heiko Wundram (Beenic) wrote: Basically, why I personally rather like the squid (i.e., proxy-based) approach to ad-blocking is the fact that if you try to do this at a lower level than the HTTP-level, there's bound to be pages that display wrong/broken, simply because not being able to fetch images (because they supposedly come from localhost) means that most browsers are not going to display the space reserved to it and will mess up the page layout, even when specifying width= _and_ height= in an img-tag (when only specifying one of the attributes or none, the page layout will be broken anyway). Opera is my favourite candidate for messing up page layouts in this case. On another note, Opera has an (IMHO) huge timeout for failed (i.e., refused, not timed out) connections to the target host, and if many images refer to localhost through some DNS or hosts magic, this is going to majorly slow down page display/buildup on non-css based layouts, which sadly there still are enough out there (and for some of which the ad-slots are an integral part of the page layout, such as some german news sites). I'm certainly convinced that this is a viable solution to the ad problem, but it still seems *to me* far more work than dumping a bunch of hostnames in /etc/hosts. I have, myself, had little or no trouble with page layouts messing up, but I maybe haven't used the solution on a large enough scale to notice. But if you really want to configure the heck out of ads then squid would seem to have much more flexibility, at the cost of greater maintenance. As for the timeouts issue, you are assuming that the host names are redirected to an IP address where nothing is listening. I redirect to a local IP alias and do have an apache server listening which serves up a default page with a blue background. I want to *see* the ad being blocked as it gives me a sense of smug satisfaction :-) I'm sure you could do something more sophisticated, but this has worked well enough for me with virtually no maintenance. I certainly get no noticeable delays with opera when I use it. Best, --Alex PS The /etc/hosts solution must be described plenty of places that are google-able since I found it through none of the resources mentioned in this discussion. I wish I could say I'd thought of it for myself, but like so many good ideas I just borrowed it shamelessly from somewhere else. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
RW wrote: On Wed, 12 Dec 2007 12:31:08 + Alex Zbyslaw [EMAIL PROTECTED] wrote: I have zero experience of squid beyond reading about it, but it has always sounded like a major resource hog. It depends how you use it. I think you can probably get it down to about 15 MB, if you eliminate memory caching and use a modest disk cache. Squid needs to store per object metadata in memory, about 10-20MB per GB of disk cache, and that's what leads to very large memory use. Thanks for the info. That doesn't seem too bad in relation to a small network, but I can see why a large network might want to dedicate a separate host. --Alex ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
On Wed, 12 Dec 2007, Erich Dollansky wrote: If you still see unwanted content, just add a line and it will be gone during your next visit. Like AdBlockPlus, only more work. The beauty is, Internet feels still faster then before. Like AdblockPlus. It has one advantage over all those ad removal tools. It filters what I do not like. It has nothing to do with censorship, it just gets rid of all the crap hanging around on every corner of a web page trying to sell you anti virus software or larger dicks. Like AdblockPlus. What is the one advantage? There are some differences: AdblockPlus removes the ads and lets the browser use the space, rather than showing broken pages. And you can customize blocked sites differently for different users. And you can easily disable it. And it doesn't impact the whole system, just the browser. And you can block on regexes, so you don't need hundreds of entries to block the big ad farms. -Warren Block * Rapid City, South Dakota USA ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
Warren Block wrote: On Wed, 12 Dec 2007, Erich Dollansky wrote: If you still see unwanted content, just add a line and it will be gone during your next visit. Like AdBlockPlus, only more work. The beauty is, Internet feels still faster then before. Like AdblockPlus. It has one advantage over all those ad removal tools. It filters what I do not like. It has nothing to do with censorship, it just gets rid of all the crap hanging around on every corner of a web page trying to sell you anti virus software or larger dicks. Like AdblockPlus. What is the one advantage? There are some differences: AdblockPlus removes the ads and lets the browser use the space, rather than showing broken pages. And you can customize blocked sites differently for different users. And you can easily disable it. And it doesn't impact the whole system, just the browser. And you can block on regexes, so you don't need hundreds of entries to block the big ad farms. According to it's web pages *Note*: It is recommended to use at least Firefox 2.0, Thunderbird 2.0, SeaMonkey 1.1 or Songbird 0.2. Older versions receive less testing and support for them is likely to be dropped in a few months. The other schemes mentioned in this thread (hosts, DNS, squid) work with any and every web browser. The OP already said he doesn't use Firefox. I myself still use Mozilla, Opera, and (heaven help me) IE, none of which are on the list. As I've already mentioned, I see no broken pages because I don't break the layout (usually), and the post about squid talked about clear gifs as replacements which again would not break anything. AdblockPlus is a valid alternative *if you are just a Firefox user*, but for everyone else, some other solution is required. --Alex ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
Hi, Warren Block wrote: On Wed, 12 Dec 2007, Erich Dollansky wrote: If you still see unwanted content, just add a line and it will be gone during your next visit. Like AdBlockPlus, only more work. The beauty is, Internet feels still faster then before. Like AdblockPlus. It has one advantage over all those ad removal tools. It filters what I do not like. It has nothing to do with censorship, it just gets rid of all the crap hanging around on every corner of a web page trying to sell you anti virus software or larger dicks. Like AdblockPlus. What is the one advantage? There are some differences: AdblockPlus removes the ads and lets the but it is limited to these browsers: Minimal requirements: Firefox 1.5, Thunderbird 1.5, SeaMonkey 1.0, Flock 0.5, Songbird 0.2. Erich ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
On Wed, 12 Dec 2007, Alex Zbyslaw wrote: Warren Block wrote: Like AdblockPlus. According to it's web pages *Note*: It is recommended to use at least Firefox 2.0, Thunderbird 2.0, SeaMonkey 1.1 or Songbird 0.2. Older versions receive less testing and support for them is likely to be dropped in a few months. The other schemes mentioned in this thread (hosts, DNS, squid) work with any and every web browser. The OP already said he doesn't use Firefox. Guess I missed that. Having tried 127.0.0.1 entries in /etc/hosts and squid in an company setting, Adblock is so much easier that I don't want to think about going back. It may be possible to use an Adblock subscription to update a squid setup. That would provide the best of both. -Warren Block * Rapid City, South Dakota USA ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
On Wed, 12 Dec 2007 12:05:53 -0700 (MST) Warren Block [EMAIL PROTECTED] wrote: It may be possible to use an Adblock subscription to update a squid setup. That would provide the best of both. There's no need to do that, you can use a script like adzapper with squid. It's in ports (www/adzap), so you can pickup a new default rule file with port updates. And you can define additional rules and exceptions. The only thing I had to set was some exceptions for sites, I don't mind seeing adds for. There's at least one other add blocking squid redirector in ports. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
On Wed, Dec 12, 2007 at 09:10:15PM +, RW wrote: On Wed, 12 Dec 2007 12:05:53 -0700 (MST) Warren Block [EMAIL PROTECTED] wrote: It may be possible to use an Adblock subscription to update a squid setup. That would provide the best of both. There's no need to do that, you can use a script like adzapper with squid. It's in ports (www/adzap), so you can pickup a new default rule file with port updates. And you can define additional rules and exceptions. The only thing I had to set was some exceptions for sites, I don't mind seeing adds for. There's at least one other add blocking squid redirector in ports. well, thi sounded great until I read squid. Isn't that something to do with FBSD and Windows? If not, how hard is squid to install; what does it do? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Gary Kline [EMAIL PROTECTED] www.thought.org Public Service Unix http://jottings.thought.org http://transfinite.thought.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
Am Donnerstag, 13. Dezember 2007 06:52:41 schrieb Gary Kline: well, thi sounded great until I read squid. Isn't that something to do with FBSD and Windows? If not, how hard is squid to install; what does it do? You're probably thinking of samba, which is an implementation of the SMB protocol (server-side) for *nix-systems. The operating system using SMB as client is most probably Windows in case you set up a samba server. squid is an HTTP-proxy. Something completely different. And setting it up (at least with a default configuration, which you'll have to adapt) is simply installing the port and starting it. -- Heiko Wundram Product Application Development ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
On Tuesday 11 December 2007 05:18:40 Erich Dollansky wrote: Hi, I wonder what the performance impact of the entries in /etc/hosts really is. What is your experience? Google tells me a lot of hosts running FreeBSD but I could not find anything regarding the hosts file itself. I use hosts for filtering all unwanted content on my personal machine. That's not apparent. What are your filtering? and how do your filter using /etc/hosts? From man hosts: DESCRIPTION The hosts file contains information regarding the known hosts on the net- work. It can be used in conjunction with DNS, and the NIS maps `hosts.byaddr' and `hosts.byname', as controlled by nsswitch.conf(5). For example, my computer's name is iris.teledomenet.gr. This is not a fully qualified hostname. It's not in the Domain Name System. So, I have to enter this information manually to my /etc/hosts, so my OS will know that iris.teledomenet.gr is the local host. Example /etc/hosts: 192.168.1.71 iris iris.teledomenet.gr I recall that before DNS(that's a long time ago) the mapping between IP addresses and hostnames was achieved using /etc/hosts. And one could get a hosts file from a well known place(IANA?) The only filtering I can imagine of, is using something like 127.0.0.1 badhosts.com But all you get is misinforming *your* resolver that badhosts.com is on 127.0.0.1, that is, *you* cannot connect to badhosts.com. badhosts.com can connect to your machine just fine. And I doubt that's what you want. Please, clarify a bit. Nikos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
Hi, Nikos Vassiliadis wrote: On Tuesday 11 December 2007 05:18:40 Erich Dollansky wrote: I use hosts for filtering all unwanted content on my personal machine. That's not apparent. What are your filtering? all the sites I personally do not want to see. and how do your filter using /etc/hosts? 127.0.0.1 BadHost.com I recall that before DNS(that's a long time ago) the mapping Yes, this was normal, a long time ago. The only filtering I can imagine of, is using something like 127.0.0.1 badhosts.com Yes. But all you get is misinforming *your* resolver that Yes, this is what I want. Just the machine I am working on. No other machine should get any impact from this. badhosts.com is on 127.0.0.1, that is, *you* cannot connect to badhosts.com. Yes, this is what I want. badhosts.com can connect to your machine just fine. Yes, if they would come through to it. And I doubt that's what you want. This is really what I want. Just avoiding the traffic, the time and the optical disturbance caused by all those sites. I would even prefer a method as simple as hosts but linked even to my user account. Erich ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
And it just occured to me that you really mean /etc/hosts.allow and not /etc/hosts... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
On Tue, 11 Dec 2007, Erich Dollansky wrote: This is really what I want. Just avoiding the traffic, the time and the optical disturbance caused by all those sites. I would even prefer a method as simple as hosts but linked even to my user account. http://adblockplus.org/en/ works fine on Firefox. Easier to use and more effective than 127.0.0.1 entries in /etc/hosts. -Warren Block * Rapid City, South Dakota USA ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
Hi, Warren Block wrote: On Tue, 11 Dec 2007, Erich Dollansky wrote: This is really what I want. Just avoiding the traffic, the time and the optical disturbance caused by all those sites. I would even prefer a method as simple as hosts but linked even to my user account. http://adblockplus.org/en/ works fine on Firefox. Easier to use and more effective than 127.0.0.1 entries in /etc/hosts. I do not even use Firefox. hosts has the clear limit that stuff coming from the same site as the text I want to read is still shown. In general, it works fine. But new sites have new stuff I would like to be filtered out. To make these experiences as rare as possible, I collect from friends and the Internet hosts files to filter as much as possible. This resulted in a pretty large file meanwhile. But the Internet looks much more usable for me now. Erich ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
Erich Dollansky wrote: But new sites have new stuff I would like to be filtered out. To make these experiences as rare as possible, I collect from friends and the Internet hosts files to filter as much as possible. This resulted in a pretty large file meanwhile. But the Internet looks much more usable for me now. Assuming I've understood your initial post correctly, then I do the same, redirecting some dozen ad sites to a local web server. With a dozen or so aliases I've never noticed any difference in performance, but I suspect you have rather more than that :-) I could never quite be bothered to maintain the list once I'd filtered ads from the sites I use most often. I think the answer to your original question is going to be look at the source code. If your hosts file is really that large then I suspect it will be having a performance effect and only you can judge if it's significant or not. Large hosts files are not the future, so performance improvements in the future are unlikely, I would say. I'm pretty sure you could also do the same with a local DNS server, if you wanted to abuse it in this way, and that would *probably* be faster since the code would expect to deal with large lists of hosts. Been a while since I did anything like that, though, and never on the scale you seem to be describing. There's no clean solutions to getting different lookups per-user that I am aware of, but unless your host is also performing some service that involves a lot of name resolution then why care? (And if it is, you shouldn't be using it as a general web browser :-)) Unclean solutions might include something like making the hosts file point to some automounted directory which changed per user, but you'd have to be sure that you saw a valid hosts file at boot time. Fiddling with symlinks in rc scripts could do that, I'm sure. --Alex ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
Hi, Alex Zbyslaw wrote: Erich Dollansky wrote: Assuming I've understood your initial post correctly, then I do the same, redirecting some dozen ad sites to a local web server. With a this is how I started. Then friends did the same. We exchanged the files. We added hosts files from the Internet. dozen or so aliases I've never noticed any difference in performance, but I suspect you have rather more than that :-) I could never quite be I also do not notice a difference. Especially news sites with all the ads are even faster as there is no waiting for the ads. I'm pretty sure you could also do the same with a local DNS server, if This is what I am thinking of since some time but I never did. It would have the additional advantage of faster name resolution. Having a DNS on every machine seems like a real overkill to me. There's no clean solutions to getting different lookups per-user that I The clen solution is hosts. Unclean solutions might include something like making the hosts file This is something I would like to avoid. Erich ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: performance impact of large /etc/hosts files
On Wednesday 12 December 2007 04:06:01 Erich Dollansky wrote: There's no clean solutions to getting different lookups per-user that I The clen solution is hosts. But hosts is operating system-wide. Both ipfw and pf support tables, which is what you want, large sets or unrelated (addresses|networks). Both of them support UID matching as a target (caution: this feature is not mpsafe on FreeBSD-6). Out of curiosity, how big your hosts file is? Can you share it with the rest of us? Perhaps upload it somewhere, so we can try your approach? Nikos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
