[Dnsmasq-discuss] question about limits of dnsmasg

Peter Willis psyphreak@phreaker.net
Tue, 01 Mar 2005 17:52:28 -0500


GrantC writes: 

> On Tue, 01 Mar 2005 11:16:54 -0500, you wrote: 
> 
>>Yes, it will work, almost exactly as you descibe actually (though there are 
>>better ways of going about it using a file separate from /etc/hosts). Read 
>>the /etc/dnsmasq.conf file for examples and further detail. (There is even 
>>an example that changes all domains matching doubleclick.net to 127.0.0.1, 
>>which when combined with apache and virtual hosting makes for a very simple 
>>yet effective ad blocker) 
> 
> OT: I have apache (1.3.?) setup with virtual hosting, what do you 
> do to use it as an ad-blocker?  

http://psypete.hatethesystem.com/tips/ad_blocking/http_redirection.txt 

>>
>>Eric S. Johansson writes:  
>>
>>> I'm very impressed by the capabilities of dnsmasg but I try to find out if 
>>> what I want to can be done without going to full bind.  
>>> 
>>> the network here is a classic red/green/orange security zone. 
> 
>>Eric S. Johansson also writes:
> 
>>It seems to me that in order to get the behavior I want, I will need to 
>>tell dnsmasq to not use resolve.conf but instead use name servers 
>>specified by server.  then I can have resolv.conf pointed at local host. 
>>
> You may stop dnsmasq going 'outside' for localnet lookups by 
> listing local machines in an additional hosts file.  From inside 
> all machines visible, from outside only what you want is visible. 
> 
> Example: firewall web server may deliver NFS mount content from 
> other localnet machines.  Mountpoints have 'offline' message when 
> not in operation.  Haben't had second morning coffee yet :) 
> 
> Cheers,
> Grant. 
> 
> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss