Another thought here is to control this via your own DNS recursor instead of /etc/hosts. You can setup the free PowerDNS recursor (https://www.powerdns.com/recursor.html) on your computer, then point your resolv.conf to it (or put it in the DHCP on your network if you want other machines to use it too).
The trick here would be that PowerDNS lets you use LUA scripting to modify DNS queries/results on the fly. With this, you could list the zones that you wanted blocked during which time windows, then modify the TTL (in the “postresolve" hook) on those zones to be something pretty low. That way even your browser and OS DNS caches will expire and switch over quickly. I haven’t tried this, would be fun to know if it works! Shannon > On Nov 26, 2015, at 8:43 AM, Michael Muller <mmul...@enduden.com> wrote: > > > James E. LaBarre wrote: >> On 11/24/2015 04:41 PM, Mike Kershaw wrote: >>> That's the problem. Full time blocking would be a lot simpler. >>> >>> There is no simple way to do this with mandatory ssl on youtube, modern >>> browsers doing dns caching, etc. >> >> I *can* get the hack to work by rebooting the machine, just figured >> there'd have to be a way to clear the local routes. > > It's not really the routing you're overriding, it's the DNS entries. > > Here's what I would try: > > - Use 'host' or 'nslookup' or 'dig' to get the addresses for the hosts you > want to block. > - Use iptables to add rules to disable communication to those addresses. > > There's still a lot of problems here. As Mike said, there's no guarantee that > the set of ip addresses associated with youtube.com is static. Adding your > DNS overrides in /etc/hosts should help with this. > > There's also the human problem that there's no limit to the number of ways you > can waste time on the internet, so even if you succeed in blocking some set of > domains, there's still millions of other ways to do non-homework activities. > > But as an 80% solution, this might work. > >> >> >> _______________________________________________ >> Mid-Hudson Valley Linux Users Group http://mhvlug.org >> https://mhvlug.org/cgi-bin/mailman/listinfo/mhvlug >> >> Upcoming Meetings (6pm - 8pm) Vassar College * >> Dec 2 - File Systems From Simple To Distributed High Performance >> Jan 6 - Why We Can'T Have The Internet Of Nice Things: A Home Automation >> Primer >> Mar 2 - Consuming The Cloud: Shoot Out >> > > > ============================================================================= > michaelMuller = mmul...@enduden.com | http://www.mindhog.net/~mmuller > ----------------------------------------------------------------------------- > Reloaded. > ============================================================================= > _______________________________________________ > Mid-Hudson Valley Linux Users Group http://mhvlug.org > https://mhvlug.org/cgi-bin/mailman/listinfo/mhvlug > > Upcoming Meetings (6pm - 8pm) Vassar College * > Dec 2 - File Systems From Simple To Distributed High Performance > Jan 6 - Why We Can'T Have The Internet Of Nice Things: A Home Automation > Primer > Mar 2 - Consuming The Cloud: Shoot Out _______________________________________________ Mid-Hudson Valley Linux Users Group http://mhvlug.org https://mhvlug.org/cgi-bin/mailman/listinfo/mhvlug Upcoming Meetings (6pm - 8pm) Vassar College * Dec 2 - File Systems From Simple To Distributed High Performance Jan 6 - Why We Can'T Have The Internet Of Nice Things: A Home Automation Primer Mar 2 - Consuming The Cloud: Shoot Out
