Re: keeping sites off

From: Laurent Bercot <>
Date: Mon, 30 Mar 2020 00:18:27 +0000

>The problem is that /etc/hosts does not support wildcards, so
> (for example) is not filtered. So, is there any
>solution? Should I replace dnscache by something else? (something else
>trustworthy and supervision-friendly) Any other setup compatible with

  What I do is:
  - run a tinydns on another IP address (if you only have 1 nic, you can
still attribute several IPs to it)
  - fill that tinydns with sink data for the things I want to block
  - configure my dnscache to query my internal DNS server for the zones
I want to block. In your case, if you tell your dnscache that your
internal DNS server is authoritative for the zone, any
query for will go to your internal server.
  - no /etc/hosts manipulation needed.

Received on Mon Mar 30 2020 - 00:18:27 UTC

This archive was generated by hypermail 2.3.0 : Sun May 09 2021 - 19:44:19 UTC