From: Valerian Galeru
To: freebsd-questions@freebsd.org
Date: Thu, 17 Jun 2010 14:13:00 -0700 (PDT)
Subject: Re: FreeBSD router (IPFW-based): how to block an URL (all IPs of an A-like HOSTNAME)

The idea with the DNS server is wonderful, but the problem is that in my network the DNS server is the one in Internet [I don't run a DNS server and all local/LAN computers are configured manually to use a public DNS server].

--- On Fri, 6/18/10, Gary Gatten wrote:

From: Gary Gatten
Subject: Re: FreeBSD router (IPFW-based): how to block an URL (all IPs of an A-like HOSTNAME)
To: "'valerian_ro@yahoo.com'", "'freebsd-questions@freebsd.org'"
Date: Friday, June 18, 2010, 12:08 AM

What about an entry in your local DNS (what your hosts use) that gives a bogus ip (127.0.0.1?) for *.badhost.com? Then users can never connect to badhost.com.

I don't know too many FW's that allow you to use a URL in a rule. IIRC, CheckPoint-FW1 did/does, but they recommend against it due to overhead.

As pointed out, Squid or other light weight white/blacklist thingy might be in order.

----- Original Message -----
From: owner-freebsd-questions@freebsd.org
To: freebsd-questions@freebsd.org
Sent: Thu Jun 17 15:56:23 2010
Subject: Re: FreeBSD router (IPFW-based): how to block an URL (all IPs of an A-like HOSTNAME)

Ok, very simply put:

To do this without shell scripting, but this could avoid filter future IP addresses:
1. DIG HOSTNAMEs and add ipfw block rules for those IPs
2. DIG HOSTNAMEs and add a null rule

To block all *.hostname and future IP addresses of any of *.hostname, there must be written a shell script, that analyzes all requests [have no idea how to execute a shell script LIVE!!!, any idea on this topic?].

--- On Thu, 6/17/10, Bernt Hansson wrote:

From: Bernt Hansson
Subject: Re: FreeBSD router (IPFW-based): how to block an URL (all IPs of an A-like HOSTNAME)
To: "Valerian Galeru"
Cc: freebsd-questions@freebsd.org
Date: Thursday, June 17, 2010, 11:47 PM

Valerian Galeru said the following on 2010-06-17 22:01:
> Hello,
>
> Does anyone have any ideas how to block all requests using an IPFW-based router
> (FreeBSD 6.4) to and from a HOSTNAME (which has more DNS A entries) or better, from any *.HOSTNAME.COM ????

Do a whois hostname.com taking note of their ip-address range. Then, for ipf, put this in your rules file.

### EXAMPLE ###
block in quick on fxp0 from 192.168.0.0/16 to any
block out quick on fxp0 from any to 192.168.0.0/16

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
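
Added example (not part of the thread or of any poster's message): the "dig the hostnames and add ipfw block rules" step discussed above, written as a cron-able sh script that rebuilds an ipfw lookup table so that changed A records are picked up on the next run. Table number 10, rule numbers 500/501, the hostname file path and the use of dig(1) are assumptions; it covers only the names listed in the file, not every *.HOSTNAME.

```shell
#!/bin/sh
# Added example: refresh an ipfw lookup table from current DNS A records.
# One-time setup on the router (table and rule numbers are assumptions):
#   ipfw add 500 deny ip from any to 'table(10)'
#   ipfw add 501 deny ip from 'table(10)' to any
TABLE=10

# is_ipv4 ADDR: succeed only for a dotted quad with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split on dots; input holds digits/dots only
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# build_cmds TABLE: read resolver answers on stdin (one per line, as printed
# by `dig +short A name`), drop CNAME targets, error text and duplicates, and
# print the ipfw commands that rebuild the table. Prints nothing and returns 1
# when no address survives, so a DNS outage does not empty the block list.
build_cmds() {
    table=$1
    addrs=$(LC_ALL=C sort -u | while read -r answer; do
        if is_ipv4 "$answer"; then echo "$answer"; fi
    done)
    [ -n "$addrs" ] || return 1
    echo "ipfw -q table $table flush"
    for addr in $addrs; do
        echo "ipfw -q table $table add $addr/32"
    done
}

# resolve_all FILE: print the A-record answers for each hostname in FILE.
resolve_all() {
    while read -r name; do
        case "$name" in ''|'#'*|[-+@]*) continue ;; esac
        dig +short A "$name"
    done < "$1"
}

# Usage (from cron): sync-blocklist.sh /usr/local/etc/blocked-hosts.txt
if [ "$#" -eq 1 ] && [ -r "$1" ]; then
    resolve_all "$1" | build_cmds "$TABLE" | sh
fi
```

Only strings that pass is_ipv4 reach the generated commands, so resolver output cannot inject text into the shell that runs them.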