From owner-freebsd-questions@FreeBSD.ORG  Wed Dec 12 12:08:20 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 2648716A417
	for <freebsd-questions@freebsd.org>;
	Wed, 12 Dec 2007 12:08:20 +0000 (UTC)
	(envelope-from wundram@beenic.net)
Received: from mail.beenic.net (mail.beenic.net [83.246.72.40])
	by mx1.freebsd.org (Postfix) with ESMTP id CE2B913C465
	for <freebsd-questions@freebsd.org>;
	Wed, 12 Dec 2007 12:08:19 +0000 (UTC)
	(envelope-from wundram@beenic.net)
Received: from [192.168.1.32] (a89-182-16-204.net-htp.de [89.182.16.204])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mail.beenic.net (Postfix) with ESMTP id 1C0E7A44529;
	Wed, 12 Dec 2007 13:01:13 +0100 (CET)
From: "Heiko Wundram (Beenic)" <wundram@beenic.net>
Organization: Beenic Networks GmbH
To: freebsd-questions@freebsd.org
Date: Wed, 12 Dec 2007 13:10:01 +0100
User-Agent: KMail/1.9.7
References: <475E0190.7030909@pacific.net.sg>
	<200712120920.46626.nvass@teledomenet.gr>
	<475FCD8A.5090903@dial.pipex.com>
In-Reply-To: <475FCD8A.5090903@dial.pipex.com>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200712121310.01617.wundram@beenic.net>
Cc: Nikos Vassiliadis <nvass@teledomenet.gr>,
	Alex Zbyslaw <xfb52@dial.pipex.com>
Subject: Re: performance impact of large /etc/hosts files
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Dec 2007 12:08:20 -0000

Am Mittwoch, 12. Dezember 2007 13:01:14 schrieb Alex Zbyslaw:
> <snip explanation>
> I don't see how a firewall is appropriate for this (hosts.allow,
> likewise).  The point of the exercise is to never even contact the ad host.

Transparent proxy with squid on the firewall? There's even plugins to manage 
exactly this kind of ad-blocking with squid; although I don't currently know 
the extension's name.

This is pretty much going to be your only option to do this in a centralized 
fashion.

-- 
Heiko Wundram
Product & Application Development