Subject: Re: DNS Blacklist feature
To: John Nemeth <jnemeth@victoria.tc.ca>
From: Geert Hendrickx <ghen@telenet.be>
List: tech-net
Date: 11/06/2007 23:41:19
On Tue, Nov 06, 2007 at 01:01:19AM -0800, John Nemeth wrote:
> As a home user, you can generally easily deal with this yourself.  Just
> add 'named=YES' to /etc/rc.conf and put 'nameserver 127.0.0.1' in
> /etc/resolv.conf.  You don't need to do any custom configuring of named.
> If you're running dhclient, then put this in /etc/dhclient-enter-hooks
> and make it executable:
> 
> make_resolv_conf() {
> 	: # no-op, so dhclient leaves /etc/resolv.conf alone
> }
> 
> If you follow these steps, you won't have to care what your ISP is doing
> because you won't be using their DNS servers.


If they're allowing port 53 outbound at all (I don't know)...


Otherwise you'd have to implement your own wrapper around DNS to implement
what OP suggested.


	Geert