Discussion:
How do you build a domain blacklist file on Netbsd?
Ottavio Caruso
2014-04-27 11:04:33 UTC
Permalink
I have a long list of banned domains that I would like to import into
the host file.

On Linux I had these entries mapped to 127.0.0.1 in /etc/hosts, but
this doesn't seem to work on Netbsd.

Any help appreciated.
--
Ottavio
Eric Haszlakiewicz
2014-04-27 14:32:42 UTC
Permalink
Post by Ottavio Caruso
I have a long list of banned domains that I would like to import into
the host file.
On Linux I had these entries mapped to 127.0.0.1 in /etc/hosts, but
this doesn't seem to work on Netbsd.
That should work the same. Can you explain a bit more about what exactly doesn't work?

Eric
Ottavio Caruso
2014-04-27 14:48:38 UTC
Permalink
Post by Eric Haszlakiewicz
Post by Ottavio Caruso
I have a long list of banned domains that I would like to import into
the host file.
On Linux I had these entries mapped to 127.0.0.1 in /etc/hosts, but
this doesn't seem to work on Netbsd.
That should work the same. Can you explain a bit more about what exactly doesn't work?
Eric
I've backed up the original host file and replaced it with this:
http://winhelp2002.mvps.org/hosts.txt

But all domains listed are stlil reachable even if I restart
rc.d/network or reboot the computer.

I've also loaded a similar blacklist file with 127.0.0.1 instead of
0.0.0.0 as first entry, and also rebooted but to no avail.
--
Ottavio
Ottavio Caruso
2014-04-27 21:16:23 UTC
Permalink
Post by Eric Haszlakiewicz
Post by Ottavio Caruso
I have a long list of banned domains that I would like to import into
the host file.
On Linux I had these entries mapped to 127.0.0.1 in /etc/hosts, but
this doesn't seem to work on Netbsd.
That should work the same
It turned out to be true. I had probably used a file in a wrong format.

I have been able now to import this file from:
http://winhelp2002.mvps.org/hosts.txt

I have mass replaced "0.0.0.0" with "127.0.0.1" and now many
*.doubleclick.net are indeed blocked, but not all. Google likes to
mess with creative subdomains to get around the dns block.
--
Ottavio
herbert langhans
2014-04-27 16:36:54 UTC
Permalink
From: Ottavio Caruso <ottavio2006-***@yahoo.com> [140427 14:55]
I have a long list of banned domains that I would like to import into
the host file.
On Linux I had these entries mapped to 127.0.0.1 in /etc/hosts, but
this doesn't seem to work on Netbsd.
Any help appreciated.
--
Ottavio


Maybe a case for ipfilter?

Do you want your local users not to be able to access certain pages or some
certain ip-ranges out there cannot access your server?

--
herb langhans
herbert langhans
2014-04-27 17:16:11 UTC
Permalink
Post by herbert langhans
Maybe a case for ipfilter?
I can give it a look but I think ip filters blocks by IP not domains.
Post by herbert langhans
Do you want your local users not to be able to access certain pages or some
certain ip-ranges out there cannot access your serve
No, I only want to block malware sites and annoying tracking website
when I browse web pages.
--
Ottavio

Yes, that seems not to work with ipfilter (unless you write a script to
scan all the domain's ip-numbers to gather a list). Ipfilter is very
efficient though and low on ressources.

For the case you use firefox, there is a great plugin - http://noscript.net/

I use noscript for quite a while and its flexible locking out some redirecting
scripts.
--
herb langhans
Ottavio Caruso
2014-04-27 16:40:37 UTC
Permalink
Post by herbert langhans
Maybe a case for ipfilter?
I can give it a look but I think ip filters blocks by IP not domains.
Post by herbert langhans
Do you want your local users not to be able to access certain pages or some
certain ip-ranges out there cannot access your serve
No, I only want to block malware sites and annoying tracking website
when I browse web pages.
--
Ottavio
Paul Newhouse
2014-04-27 19:03:55 UTC
Permalink
I probably don't understand the problem correctly but, my first thought was
something like portsentry.

Paul
Post by herbert langhans
Post by herbert langhans
Maybe a case for ipfilter?
I can give it a look but I think ip filters blocks by IP not domains.
Post by herbert langhans
Do you want your local users not to be able to access certain pages or some
certain ip-ranges out there cannot access your serve
No, I only want to block malware sites and annoying tracking website
when I browse web pages.
--
Ottavio
Loading...