FQDN filtering

/dev/rob0 rob0 at gmx.co.uk
Tue Aug 30 16:54:00 CEST 2005


> rockey dada escreveu:
> >Is there any way one can use IPTABLES to filter traffic based on
> > "Fully Qualified Domain Names".
> >
On Tuesday 2005-August-30 08:22, Leonardo Rodrigues Magalhães wrote:
>     Anyway, filtering FQDNs seems to be nice on application level and
> not always on IP level. Are you thinking on web filtering ??? Why not
> using a http proxy (squid) for doing that ?? Are you thinking on SPAM
> fighting ?? Why not using your MTA capabilities for that ??

A more basic and cross-protocol approach would be to intercept and 
redirect all DNS traffic into a transparent proxy, and have your 
nameserver be authoritative for the [un]wanted FQDN's. Definitely, the 
OP must be more explicit about the goal, if a useful answer is wanted.
-- 
    mail to this address is discarded unless "/dev/rob0"
    or "not-spam" is in Subject: header



More information about the netfilter mailing list