FQDN filtering
/dev/rob0
rob0 at gmx.co.uk
Tue Aug 30 16:54:00 CEST 2005
> rockey dada escreveu:
> >Is there any way one can use IPTABLES to filter traffic based on
> > "Fully Qualified Domain Names".
> >
On Tuesday 2005-August-30 08:22, Leonardo Rodrigues Magalhães wrote:
> Anyway, filtering FQDNs seems to be nice on application level and
> not always on IP level. Are you thinking on web filtering ??? Why not
> using a http proxy (squid) for doing that ?? Are you thinking on SPAM
> fighting ?? Why not using your MTA capabilities for that ??
A more basic and cross-protocol approach would be to intercept and
redirect all DNS traffic into a transparent proxy, and have your
nameserver be authoritative for the [un]wanted FQDN's. Definitely, the
OP must be more explicit about the goal, if a useful answer is wanted.
--
mail to this address is discarded unless "/dev/rob0"
or "not-spam" is in Subject: header
More information about the netfilter
mailing list