|
||||||||||
My question is slightly my confusion. Do you want to use host files for blocked websites? or...for LAN clients wanting to go through the firewall ? - don On Apr 4, 2005 11:52 AM, ryan <ryanag at zoominternet dot net> wrote: > > According to me, the directives of the creator of m0n0wall, has been > > clearly stated that m0n0wall, wants to be basically a firewall, and do > > activities base on a Firewall, and not an e-mail server, spamfighter etc... > > Making the modifications we discussed (hosts file blocking) does not make > m0n0wall an email server or spamfighter. > > It does give some more access control flexibility, something most firewalls > try to do. > > > > What i would advise, is installing redwall-firewall or clarck connect of > > which u can use as a stand-alone server, and have your users using > > transperant proxy, > > Overkill for the requested feature. > > The only things required are: > -Proxy DNS on the firewall (m0n0wall does this already) > -a place to put the modifications and an easy way to edit > > A proxy server is not required for a firewall to implement access control > based on hostname if it acts as a DNS proxy. > cause slower reboots, and if i'm on the right track, > > > think it did cause some extra cpu burden, depending on the size of the host > > file > > Clearly an issue. I've run hosts-file based blocking on ancient machines with > coyote linux and have seen no slowdown. I doubt the performance hit would be > too terrible, although I have no evidence unless we try it. :-D > > On Monday 04 April 2005 08:35, Mr. listman wrote: > > According to me, the directives of the creator of m0n0wall, has been > > clearly stated that m0n0wall, wants to be basically a firewall, and do > > activities base on a Firewall, and not an e-mail server, spamfighter etc... > > > > What i would advise, is installing redwall-firewall or clarck connect of > > which u can use as a stand-alone server, and have your users using > > transperant proxy, > > Clearkconnect has all these added features, > > SpamFighter, Popup Blocker, SpyWare blocker, u namer it. > > > > We do would like to have all of these nice tools on one dedicated pc, but > > the creator of m0n0wall, made it clearly the direction of m0n0wall, so many > > other features just won't be added, or maybe u can take a look at pfsense.. > > > > If u search the threads, u would find a thread on using the host file, as > > somekind of blocker, but if my memory serves me correct, it took some > > extra time to load, cause slower reboots, and if i'm on the right track, i > > think it did cause some extra cpu burden, depending on the size of the host > > file > > > > over and out > > > > On Monday 04 April 2005 07:35, Curt Maughs wrote: > > > Would anyone besides myself find this useful? > > >I am trying to add hosts from the blacklisted mailservers and spyware host > > >lists so > > >that I will not have to worry if a user's individual machine is update > > >anymore. > > > > _________________________________________________________________ > > Talk with your online friends with MSN Messenger http://messenger.msn.nl/ > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch > > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch > > --------------------------------------------------------------------- > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch > > |