[ previous ] [ next ] [ threads ]
 
 From:  Don Munyak <don dot munyak at gmail dot com>
 To:  ryan <ryanag at zoominternet dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch, "Mr. listman" <savethelist at hotmail dot com>
 Subject:  Re: [m0n0wall] Host list feature request
 Date:  Mon, 4 Apr 2005 10:59:45 -0400
My question is slightly my confusion.

Do you want to use host files for blocked websites?
or...for LAN clients wanting to go through the firewall ?

- don

On Apr 4, 2005 11:52 AM, ryan <ryanag at zoominternet dot net> wrote:
> > According to me, the directives of the creator of m0n0wall, has been
> > clearly stated that m0n0wall, wants to be basically a firewall, and do
> > activities base on a Firewall, and not an e-mail server, spamfighter etc...
> 
> Making the modifications we discussed (hosts file blocking) does not make
> m0n0wall an email server or spamfighter.
> 
> It does give some more access control flexibility, something most firewalls
> try to do.
> 
> 
> > What i would advise, is installing redwall-firewall or clarck connect of
> > which u can use as a stand-alone server, and have your users using
> > transperant proxy,
> 
> Overkill for the requested feature.
> 
> The only things required are:
> -Proxy DNS on the firewall (m0n0wall does this already)
> -a place to put the modifications and an easy way to edit
> 
> A proxy server is not required for a firewall to implement access control
> based on hostname if it acts as a DNS proxy.
> cause slower reboots, and if i'm on the right track,
> 
> > think it did cause some extra cpu burden, depending on the size of the host
> > file
> 
> Clearly an issue. I've run hosts-file based blocking on ancient machines with
> coyote linux and have seen no slowdown. I doubt the performance hit would be
> too terrible, although I have no evidence unless we try it. :-D
> 
> On Monday 04 April 2005 08:35, Mr. listman wrote:
> > According to me, the directives of the creator of m0n0wall, has been
> > clearly stated that m0n0wall, wants to be basically a firewall, and do
> > activities base on a Firewall, and not an e-mail server, spamfighter etc...
> >
> > What i would advise, is installing redwall-firewall or clarck connect of
> > which u can use as a stand-alone server, and have your users using
> > transperant proxy,
> > Clearkconnect has all these added features,
> > SpamFighter, Popup Blocker, SpyWare blocker, u namer it.
> >
> > We do would like to have all of these nice tools on one dedicated pc, but
> > the creator of m0n0wall, made it clearly the direction of m0n0wall, so many
> > other features just won't be added, or maybe u can take a look at pfsense..
> >
> > If u search the threads, u would find a thread on using the host file, as
> > somekind  of blocker, but if my memory serves me correct, it took some
> > extra time to load, cause slower reboots, and if i'm on the right track, i
> > think it did cause some extra cpu burden, depending on the size of the host
> > file
> >
> > over and out
> >
> > On Monday 04 April 2005 07:35, Curt Maughs wrote:
> > >&#160;Would anyone besides myself find this useful?
> > >I am trying to add hosts from the blacklisted mailservers and spyware host
> > >lists so
> > >that I will not have to worry if a user's individual machine is update
> > >anymore.
> >
> > _________________________________________________________________
> > Talk with your online friends with MSN Messenger http://messenger.msn.nl/
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>