|
||||||||
Tim Vaughan wrote: >> is there a way (and if not, can I make a feature request? :)) to >> blacklist hosts and networks? I just want to clean up some of my >> logs, and I remember that I used to have an array on my old >> homegrown linux firewall which I just appended once in a while with >> some obcure .cn and other networks that I know would never access my >> web server or anything else legitimately. > > Presumably, providing a simple way to edit /etc/hosts directly would > be sufficient? I'd like to be able to paste a big list of ad/spyware > etc. servers into it. If you are talking about FQDNs you can use the DNS forwarder's overrides to forward the FQDN in question to 127.0.0.1. If you have a large list, you could use the backup/restore method to mass edit the config.xml. If you are talking about blocking IPs/subnets I don't have any good ideas. Creating a list of aliases then crafting the firewall rules to block traffic to/from these aliases would be a severe burden on your m0n0wall and maintenance would be time consuming. Your list of rules could be quite long... _________________________________ James W. McKeand |