[Dnsmasq-discuss] question about limits of dnsmasg
Peter Willis
psyphreak@phreaker.net
Tue, 01 Mar 2005 17:52:28 -0500
GrantC writes:
> On Tue, 01 Mar 2005 11:16:54 -0500, you wrote:
>
>>Yes, it will work, almost exactly as you descibe actually (though there are
>>better ways of going about it using a file separate from /etc/hosts). Read
>>the /etc/dnsmasq.conf file for examples and further detail. (There is even
>>an example that changes all domains matching doubleclick.net to 127.0.0.1,
>>which when combined with apache and virtual hosting makes for a very simple
>>yet effective ad blocker)
>
> OT: I have apache (1.3.?) setup with virtual hosting, what do you
> do to use it as an ad-blocker?
http://psypete.hatethesystem.com/tips/ad_blocking/http_redirection.txt
>>
>>Eric S. Johansson writes:
>>
>>> I'm very impressed by the capabilities of dnsmasg but I try to find out if
>>> what I want to can be done without going to full bind.
>>>
>>> the network here is a classic red/green/orange security zone.
>
>>Eric S. Johansson also writes:
>
>>It seems to me that in order to get the behavior I want, I will need to
>>tell dnsmasq to not use resolve.conf but instead use name servers
>>specified by server. then I can have resolv.conf pointed at local host.
>>
> You may stop dnsmasq going 'outside' for localnet lookups by
> listing local machines in an additional hosts file. From inside
> all machines visible, from outside only what you want is visible.
>
> Example: firewall web server may deliver NFS mount content from
> other localnet machines. Mountpoints have 'offline' message when
> not in operation. Haben't had second morning coffee yet :)
>
> Cheers,
> Grant.
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss