 From:  Sven Brill <madde at gmx dot net>
 To:  Don Munyak <don dot munyak at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: Fwd: [m0n0wall] filter blacklist
 Date:  Wed, 04 Jan 2006 21:06:02 -0500
Don Munyak wrote:

>I too would like to see this approach (or something similar). I
>could see having possibly several group aliases...like a "Bogus
>Networks" page, Spyware or even to a minimal extent Blocked websites
>which were not appropriate for a particular site.
>
>...Then again...are we now talking about content filtering???, not so
>much on keyword filtering, but rather by sites.
>
>Either way, it would still be nice to have a separate "page", like the
>Filters page.
>
Well, web sites would be a little more difficult, as you indeed get into 
content filtering. What I was looking for, and what W. Plein (seriously, 
can't find your first name :)) showed as the netscreen example as 
layered aliasing, would be a step below that, not even DNS fumbling, just 
buckets of IPs and networks with one alias. Then you have one filter 
rule in the rules page, "block from sh*tlist to any" - the only problem 
that remains is that, in the background, it translates to one rule per 
bucket item, thus slowing down the whole firewall if the list gets too 
large.

Now, once that functionality of "buckets" is there, you could "misuse" 
it to create a "bucket" of FQDNs instead of IPs and networks, and point 
that alias "bucket" to 127.0.0.1 in the DNS forwarder, thereby utilizing 
this functionality without going the route of bloating m0n0, which is to 
be avoided, hence the forks.

So, anyone interested in tackling that? We could move the discussion to 
m0n0-dev.

Sven
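The two mechanisms sketched in the message above, nested "bucket" aliases that expand to one backend rule per item, and an FQDN bucket pointed at 127.0.0.1 through the DNS forwarder, are shown below as an added example. This is illustrative code written for this page, not m0n0wall's own rule generator; the alias names, addresses and host names are constructed, and the ipfilter-style rule strings are a sketch of the expansion, not the exact syntax m0n0wall emits. It goes slightly beyond the message by expanding nested aliases recursively and refusing cycles, which is the check a practitioner would want before the one-rule-per-item expansion is let loose on a firewall.

```python
"""Bucket aliases: one visible rule, many backend rules (added example)."""
import ipaddress

# Constructed sample aliases. A bucket may hold IPs, networks, or the
# names of other buckets ("layered aliasing"). Names are hypothetical.
ALIASES = {
    "bogus_nets": ["10.0.0.0/8", "192.168.0.0/16"],
    "spyware_hosts": ["203.0.113.7", "203.0.113.9"],
    "blocklist": ["bogus_nets", "spyware_hosts", "198.51.100.0/24"],
}


def expand_alias(name, aliases, _stack=None):
    """Flatten an alias to its leaf IP/network strings, depth-first.

    Nested aliases are expanded recursively. An alias that refers back to
    one of its ancestors raises ValueError instead of recursing forever.
    Every leaf is parsed with ipaddress so a typo cannot become a rule.
    """
    stack = _stack or ()
    if name in stack:
        raise ValueError("alias cycle: " + " -> ".join(stack + (name,)))
    leaves = []
    for item in aliases[name]:
        if item in aliases:
            leaves.extend(expand_alias(item, aliases, stack + (name,)))
        else:
            ipaddress.ip_network(item, strict=False)  # validate the leaf
            leaves.append(item)
    return leaves


def expand_rule(alias, aliases, action="block"):
    """The single rule 'block from <alias> to any' becomes one backend
    rule per bucket item; the length of the result is the cost the
    message warns about."""
    return [f"{action} in quick from {leaf} to any"
            for leaf in expand_alias(alias, aliases)]


def dns_sinkhole_overrides(fqdns, sink="127.0.0.1"):
    """Map a bucket of FQDNs to the sinkhole address for a DNS forwarder.

    Names are normalised (lower-cased, trailing dot and whitespace removed)
    so duplicates collapse to one override; empty entries are dropped.
    """
    return {host.strip().lower().rstrip("."): sink
            for host in fqdns if host.strip()}


if __name__ == "__main__":
    rules = expand_rule("blocklist", ALIASES)
    print(f"1 alias rule -> {len(rules)} backend rules")
    for rule in rules:
        print("  " + rule)
    # Constructed FQDN bucket; these hosts are placeholders.
    for host, addr in dns_sinkhole_overrides(
            ["Ads.Example.net.", "tracker.example.org"]).items():
        print(f"  {host} -> {addr}")
```

Running the block prints the five backend rules generated from the single `blocklist` rule, which makes the growth concrete: every entry added to any nested bucket adds one more rule to the firewall's active set, so bucket size, not the number of visible rules, is what to watch.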