From owner-freebsd-questions@FreeBSD.ORG Fri Dec 28 04:37:01 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CC05416A4EC for ; Fri, 28 Dec 2007 04:37:01 +0000 (UTC) (envelope-from mkhitrov@gmail.com) Received: from rv-out-0910.google.com (rv-out-0910.google.com [209.85.198.187]) by mx1.freebsd.org (Postfix) with ESMTP id A46A513C4EB for ; Fri, 28 Dec 2007 04:37:01 +0000 (UTC) (envelope-from mkhitrov@gmail.com) Received: by rv-out-0910.google.com with SMTP id l15so3715749rvb.43 for ; Thu, 27 Dec 2007 20:37:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=Qj7xnCAZ7Suu2G/KTPwrFmerIv22zpq/lQZB75no95A=; b=FdjiYPcQ6UK/LJy4EvBLi86vDZCP2FZafthrNs+nQ9ufL7OmtpyDStOcoi5kfzRH+Sd5R2Euj1GswdOzGiqDgcJU9Iv8Y/uVaPplF2S6PxOH9uIYfrqoUe3VCAzSjh6S/F8YqZoXvVeTWDQbNz94aTtoo4r+I8lPzv1/szd8Rqk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=GCVmWuokXBP0Pc2kIL5QuDr05V8RcfwMZ2CMCiMJVXqstfF1V+jXUnlGusWPkrgmN3P/Dr5CFYRGxO/SI1JVjCB76TZFPExa77zhpgrzPmLOlOgbUe+u8FNL+fPE4JypANdE+YjBV5spu6/Xo6BtxKPn2jJwsXtlCm8w375p6L8= Received: by 10.142.194.1 with SMTP id r1mr453751wff.176.1198816621363; Thu, 27 Dec 2007 20:37:01 -0800 (PST) Received: by 10.142.242.11 with HTTP; Thu, 27 Dec 2007 20:37:01 -0800 (PST) Message-ID: <26ddd1750712272037x594336efndcd136ee2101e3e7@mail.gmail.com> Date: Thu, 27 Dec 2007 23:37:01 -0500 From: "Maxim Khitrov" To: "Kevin Kinsey" In-Reply-To: <47744048.6020202@daleco.biz> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <26ddd1750712271246j14795cf3wf8e9727f0f7cc148@mail.gmail.com> <47744048.6020202@daleco.biz> Cc: User Questions Subject: Re: Blocking undesirable domains using BIND X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Dec 2007 04:37:01 -0000 On Dec 27, 2007 7:16 PM, Kevin Kinsey wrote: > Maxim Khitrov wrote: > > Hello, > > > > I'm currently setting up a new firewall for my home network using > > FreeBSD 7. The firewall will also act as our local name server > > (authoritative for the local domain, and caching for everything else). > > One of the things I'd like to do with it is use BIND to block various > > undesirable domains (ad servers, malicious sites, etc.). The plan is > > to have a separate BIND config file which is included in the main one. > > Just a question, and I'm not trying to cast doubt on your plan; I'm > curious why using BIND for this purpose instead of a proxy, which is > a more typical application as I understand it? > > Again, I'm not trying to convince you otherwise or say that using > BIND is a bad idea. It's just that I'm curious because we use > Squid for this sort of thing, and I was wondering why BIND instead? > > Kevin Kinsey I also need a local name server for my domain. That's the primary function, and this filtering stuff is just an added bonus. It'll also be nice to bypass the ISP name servers, which haven't been very reliable lately. - Max