On 03-Sep-99 Patrick Olson wrote: > >> Read the IPCHAINS HOWTO. I think you can do something like: >> ipchains -A input -s ad.doubleclick.net -j DENY >> ipchains -A output -d ad.doubleclick.net -j DENY >> You probably want to tailor the above to meet your needs. >> This will block *any* kind of connection to/from that site, although DNS >> lookups will still work. Your browser will probably complain of timeout >> connecting to that site or something. I'm not quite sure about a cleaner >> solution. > > What about using REJECT instead of DENY? That way the browser should > immediately be told that the destination (in this case > ad.doubleclick.net) > could not be reached.
I believe DENY would cause the browser to time out, but not right away. I only use DENY for spam hosts/nets so that the spammer wastes more time. -- Andrew
