Date: Wed, 11 Aug 2021 13:25:31 -0700
From: Michael Sierchio <kudzu@tenebras.com>
To: FreeBSD Mailing List <freebsd-questions@freebsd.org>
Subject: Re: Can ipfw Rules Be Based On DNS Name
Message-ID: <CAHu1Y71VfnE%2BNvgGLPBQ21VuqduspNceM8RDxhJyP=Tv4HdShQ@mail.gmail.com>
In-Reply-To: <ac332bfe-314a-ac76-eeb4-f0111bac4d0d@tundraware.com>
References: <ac332bfe-314a-ac76-eeb4-f0111bac4d0d@tundraware.com>
On Wed, Aug 11, 2021 at 1:05 PM Tim Daneliuk via freebsd-questions <freebsd-questions@freebsd.org> wrote:

> I have used ipfw for years to configure access at the IP address level.
>
> I now need to block a particular domain and all its subdomains from
> accessing anything on the server. Is this possible using the top level
> domain name rather than IPs (which appear to be fluid)?

Generally, no. Also, specifically, no. There isn't a way of solving the problem as you've articulated it.

You can block entire countries by IP block. You can block a company's entire CIDR block if it has one allocated. Tables make this easy.

You can create a cron job to do a whois on incoming traffic (if you're logging it), and block if it's undesirable (add the block to your reject table).

If you were concerned with outbound, rather than inbound traffic, I would say sinkhole / blackhole DNS works.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHu1Y71VfnE%2BNvgGLPBQ21VuqduspNceM8RDxhJyP=Tv4HdShQ>
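As an added example (not part of the thread and not Michael's or the FreeBSD project's code), the following POSIX shell script implements the reply's cron-job idea in a review-first form: it extracts the distinct source addresses of inbound packets that ipfw has logged as denied, skips the server's own prefix, and emits the `ipfw table` commands that would add the rest to a table referenced by a deny rule, rather than executing them, so the whois check the reply mentions can be done on each candidate before anything is applied. The table name `badhosts`, rule number 50, the sample log lines and the own-network prefix are constructed assumptions; the `table <name> create type addr` and `table(<name>)` syntax is the named-table form of FreeBSD 11 and later.

```sh
#!/bin/sh
# Added example, not code from the thread. Generates ipfw commands from logged,
# denied inbound traffic so each candidate can be reviewed (e.g. via whois)
# before it is added to a table. Assumptions: table name "badhosts", the
# FreeBSD 11+ named-table syntax, IPv4-only log lines.

# One-time setup commands for the table and the deny rule that references it.
# Rule number 50 is an assumed position early in the ruleset.
setup_cmds() {
    table=$1
    printf 'ipfw table %s create type addr\n' "$table"
    printf "ipfw add 50 deny ip from 'table(%s)' to any in\n" "$table"
}

# Constructed sample of ipfw log lines (RFC 5737 documentation addresses).
SAMPLE_LOG='Aug 11 13:00:01 host kernel: ipfw: 200 Deny TCP 203.0.113.5:51234 198.51.100.2:22 in via em0
Aug 11 13:00:02 host kernel: ipfw: 200 Deny TCP 203.0.113.5:51235 198.51.100.2:22 in via em0
Aug 11 13:00:03 host kernel: ipfw: 200 Deny UDP 198.51.100.77:5353 198.51.100.2:53 in via em0
Aug 11 13:00:04 host kernel: ipfw: 200 Deny ICMP:8.0 192.0.2.9 198.51.100.2 in via em0
Aug 11 13:00:05 host kernel: ipfw: 100 Accept TCP 192.0.2.200:443 198.51.100.2:40000 out via em0'

# Prefix of the server's own network; addresses under it are never blocked.
# Constructed value for the example.
OWN_PREFIX='198.51.100.'

# Print the distinct source addresses of inbound packets ipfw logged as denied.
# Fields after "ipfw:" are: rule action proto src dst direction "via" iface;
# the port suffix on src is stripped (ICMP lines carry none).
denied_sources() {
    printf '%s\n' "$1" |
    awk '/ ipfw: / {
        for (i = 1; i <= NF; i++) if ($i == "ipfw:") { r = i; break }
        action = $(r + 2); src = $(r + 4); dir = $(r + 6)
        if (action != "Deny" || dir != "in") next
        sub(/:[0-9]+$/, "", src)
        print src
    }' | sort -u
}

# Emit "ipfw table <name> add <addr>" for each address not under OWN_PREFIX.
# ipfw accepts either a host address or a CIDR block (e.g. 203.0.113.0/24).
block_cmds() {
    table=$1
    shift
    for addr in "$@"; do
        case "$addr" in
            ${OWN_PREFIX}*) continue ;;
        esac
        printf 'ipfw table %s add %s\n' "$table" "$addr"
    done
}

# Demo: print, never execute, the commands for the constructed log sample.
# A cron job would feed the real log (e.g. /var/log/security) instead.
setup_cmds badhosts
block_cmds badhosts $(denied_sources "$SAMPLE_LOG")
```

The script deliberately only prints commands: piping its output into `sh` after the whois review is the operator's decision, and the own-prefix check keeps a spoofed or misattributed log line from locking the server out of its own network.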
