On 2015-03-23 10:28, Cristián Edwards wrote:
Hello,
If I want to introduce URL Blacklist to my edge firewall, Should I use
SquidGuard or just pf tables?
The amount of domains is in the number of millions, like 1.5 million
entries.
Blacklists that I've found:
http://www.squidguard.org/blacklists.html
In Addition, I *believe* PF only handles IP values, how will it manage
domain names coming from these lists? Will it just resolve the domain
names
at the time of applying the rules?
Best,
Cristian
I'm using divert(4) in combination with pf-diverters[1] to integrate
the Spamhaus CBL with PF. IP addresses are tested and added to
applicable PF tables. Excerpts from my pf.conf are available.[2]
[1] https://github.com/echothrust/pf-diverters
[2] http://daemonforums.org/showthread.php?t=8846
