On Thu, 2 Sep 1999 [EMAIL PROTECTED] wrote:
> On Tue, Aug 31, 1999 at 10:26:28PM +0200, andreas palsson was heard to state:
> > I am using Debian GNU/Linux as a nameserver, and I wonder how do I
> > modify it to reject all lookups for stupid sites like
> > "ad.doubleclick.net" or any other annoying banner-site?
> > I've been told to use something called "junkbuster" but I rather not run
> > anything extra on the host, I simply would like to change something in
> > the bind-configuration.
>
> I know it's not a direct answer to your question, but I seem to recall
> having seen doing this exact thing using the IP tools. I'm not exactly
> sure, but I *think* it was in the IPChains HOWTO. The example was
> blocking a site (ad.doubleclick.net) with ipchains.
Read the IPCHAINS HOWTO. I think you can do something like:
ipchains -A input -s ad.doubleclick.net -j DENY
ipchains -A output -d ad.doubleclick.net -j DENY
You probably want to tailor the above to meet your needs.
This will block *any* kind of connection to/from that site, although DNS
lookups will still work. Your browser will probably complain of timeout
connecting to that site or something. I'm not quite sure about a cleaner
solution.
T
