Don Munyak wrote:
>I too would like to see this approach (or something similar). I
>could see possibly having several group aliases...like a "Bogus
>Networks" page, Spyware or even to a minimal extent Blocked websites
>which were not appropriate for a particular site.
>
>...Then again...are we now talking about content filtering???, not so
>much on keyword filtering, but rather by sites.
>
>Either way, it would still be nice to have a separate "page", like the
>Filters page.
>
>
>
Well, web sites would be a little more difficult, as you indeed get into
content filtering. What I was looking for, and what W. Plein (seriously,
can't find your first name :)) showed as the NetScreen example as
layered aliasing would be a step below that, not even DNS fumbling, just
buckets of IPs and networks with one alias. Then you have one filter
rule in the rules page, "block from sh*tlist to any" - the only problem
that remains is that, in the background, it translates to one rule per
bucket-item, thus slowing down the whole firewall if the list gets too
large.
Now, once that functionality of "buckets" is there, you could "misuse"
it to create a "bucket" of FQDNs instead of IPs and networks, and point
that alias "bucket" to 127.0.0.1 in the DNS forwarder, thereby utilizing
this functionality without going the route of bloating m0n0, which is to
be avoided, hence the forks.
So, anyone interested in tackling that? We could move the discussion to
m0n0-dev.
Sven
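
Added example, not part of the original message and not m0n0wall code: a sketch of the layered alias "buckets" discussed above, showing how one "block from alias to any" rule expands to one rule per item, how merging overlapping and adjacent networks keeps that list shorter, and how a bucket of FQDNs becomes DNS forwarder overrides pointing at 127.0.0.1. The alias names, the `@name` nesting syntax, and the output formats (ipfilter-style rule text, dnsmasq `address=` lines) are assumptions made for illustration.

```python
import ipaddress

# Constructed sample buckets; names and members are illustrative only.
# "@name" (hypothetical syntax) references another alias, giving layered aliasing.
ALIASES = {
    "bogons":    ["10.0.0.0/8", "10.1.0.0/16", "192.168.0.0/24", "192.168.1.0/24"],
    "scanners":  ["203.0.113.7", "203.0.113.6", "198.51.100.0/25", "198.51.100.128/25"],
    "blocklist": ["@bogons", "@scanners", "203.0.113.7"],
    "adhosts":   ["ads.example.com", "Tracker.Example.net."],
}

def resolve(name, aliases, _seen=()):
    """Flatten a layered alias into its leaf members, rejecting reference loops."""
    if name in _seen:
        raise ValueError("alias loop: " + " -> ".join(_seen + (name,)))
    leaves = []
    for item in aliases[name]:
        if item.startswith("@"):
            leaves += resolve(item[1:], aliases, _seen + (name,))
        else:
            leaves.append(item)
    return leaves

def to_networks(leaves):
    """Parse hosts/networks, then merge duplicates, overlaps and adjacent blocks."""
    nets = [ipaddress.ip_network(x, strict=False) for x in leaves]
    return list(ipaddress.collapse_addresses(nets))

def block_rules(name, aliases):
    """One rule per collapsed network: what the single GUI rule turns into."""
    return [f"block in quick from {net} to any"
            for net in to_networks(resolve(name, aliases))]

def sinkhole_lines(name, aliases, target="127.0.0.1"):
    """DNS forwarder overrides for a bucket of FQDNs, normalised and de-duplicated."""
    hosts = sorted({h.rstrip(".").lower() for h in resolve(name, aliases)})
    return [f"address=/{h}/{target}" for h in hosts]

if __name__ == "__main__":
    print(len(resolve("blocklist", ALIASES)), "bucket items before merging")
    print("\n".join(block_rules("blocklist", ALIASES)))
    print("\n".join(sinkhole_lines("adhosts", ALIASES)))
```

Collapsing only helps when bucket entries overlap or sit next to each other; a long list of unrelated single addresses still yields one rule each.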