 From:  "James W. McKeand" <james at mckeand dot biz>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] filter blacklist
 Date:  Wed, 4 Jan 2006 16:56:17 -0600
Tim Vaughan wrote:
>> is there a way (and if not, can I make a feature request? :)) to
>> blacklist hosts and networks? I just want to clean up some of my
>> logs, and I remember that I used to have an array on my old
>> homegrown linux firewall which I just appended once in a while with
>> some obscure .cn and other networks that I know would never access my
>> web server or anything else legitimately.
> 
> Presumably, providing a simple way to edit /etc/hosts directly would
> be sufficient?  I'd like to be able to paste a big list of ad/spyware
> etc. servers into it.

If you are talking about FQDNs you can use the DNS forwarder's overrides
to forward the FQDN in question to 127.0.0.1. If you have a large list,
you could use the backup/restore method to mass edit the config.xml.

If you are talking about blocking IPs/subnets I don't have any good
ideas.  Creating a list of aliases then crafting the firewall rules to
block traffic to/from these aliases would be a severe burden on your
m0n0wall and maintenance would be time consuming. Your list of rules
could be quite long...

_________________________________
James W. McKeand
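
Added example, not part of the original message: one way to do the mass edit of a downloaded config.xml described above, turning a hosts-style list of FQDNs into DNS forwarder overrides that point at 127.0.0.1. The `<m0n0wall>`/`<dnsmasq>`/`<hosts>` layout with `<host>`, `<domain>`, `<ip>` and `<descr>` children is an assumption about the backup format (compare with an override created in the web GUI before restoring), and the sample list, sample config and function names are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample blocklist in hosts-file style (not from the original post).
SAMPLE_LIST = """\
0.0.0.0 ads.example.com
127.0.0.1 tracker.example.net   # inline comment
ADS.example.com
bad_name!.example.org
localhost
"""
# Constructed stand-in for a downloaded backup; element names are assumed.
SAMPLE_CONFIG = ("<m0n0wall><dnsmasq><enable/><hosts><host>ads</host>"
                 "<domain>example.com</domain><ip>127.0.0.1</ip></hosts>"
                 "</dnsmasq></m0n0wall>")

LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")

def parse_fqdns(text):
    """Return unique, syntactically valid FQDNs, in input order."""
    out = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if not fields:
            continue
        name = fields[-1].lower().rstrip(".")
        labels = name.split(".")
        # Need host + domain, legal labels, non-numeric TLD (rejects bare IPs).
        if (len(labels) >= 2 and all(LABEL.match(l) for l in labels)
                and not labels[-1].isdigit() and name not in out):
            out.append(name)
    return out

def merge_overrides(config_xml, fqdns, sink="127.0.0.1"):
    """Add one override per FQDN under <dnsmasq>, skipping existing ones."""
    root = ET.fromstring(config_xml)
    dnsmasq = root.find("dnsmasq")
    if dnsmasq is None:
        dnsmasq = ET.SubElement(root, "dnsmasq")
    have = {(h.findtext("host", "").lower(), h.findtext("domain", "").lower())
            for h in dnsmasq.findall("hosts")}
    for fqdn in fqdns:
        host, domain = fqdn.split(".", 1)
        if (host, domain) in have:
            continue
        entry = ET.SubElement(dnsmasq, "hosts")
        for tag, val in (("host", host), ("domain", domain),
                         ("ip", sink), ("descr", "blacklist")):
            ET.SubElement(entry, tag).text = val
    return ET.tostring(root, encoding="unicode")
```

Malformed names are dropped rather than written into the config, and entries already present are not duplicated, so the merge can be re-run as the list grows.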