[Dnsmasq-discuss] feature request : NXDOMAIN all domains on network
dnsmasqlist2021 at rscubed.com
dnsmasqlist2021 at rscubed.com
Mon Mar 15 02:36:28 UTC 2021
Hello,
Thanks for the many years of support for DNSMasq I have used it for a long time
as a filter for most of my machines and servers.
Currently I think DNSMasq has the ability to sinkhole all domains on an IP using
the bogus-nxdomain feature.
We would like to be able to make all domains on whole networks sinkhole / return
NXDOMAIN.
So if bogus-nxdomain could be updated to accept a network cidr I think that
would work.
This would be a powerful feature for helping everyone weed out malious domains
in bulk from known bad networks.
I would like to use it with the spamhaus DROP list (A list of bad network
blocks) to make all domains (known and currently unknown) on those networks
disappear.
This would also help stop the new evil CNAME redirector networks by allowing us
to bogus-nxdomain the end network even with the badguys changing domains/
subdomains regularly.
thanks
Matt
More information about the Dnsmasq-discuss
mailing list