[Unbound-users] Whitelist some domains, blacklist everything else

Carsten Krüger C.Krueger at gmx.org
Sun May 16 18:36:44 UTC 2010


> Well, I wouldn't be so strict, something like this could probably be done
> using forwarding:

> name: whitelist1.dom
>   forward-addr:

> name: whitelist2.dom
>   forward-addr:

> name: .
>   forward-addr: <ip_of_dummy_nameserver_returning always nxdomain, f.e.
> running on>


> Implement transparent HTTP proxy with block list or even simple firewall
> rules are better.

Not trivial on single windows workstation.

> Protection on DNS level is very fragile and probably could
> be easily circumvented if not implemented together with strict firewall
> rules.

I know.


More information about the Unbound-users mailing list