[prev in list] [next in list] [prev in thread] [next in thread]
List: ipcop-user
Subject: Re: [IPCop-user] A question (blocking with a hosts file)
From: "Renaud (Ron) Olgiati" <renaud () olgiati-in-paraguay ! org>
Date: 2013-03-15 9:20:13
Message-ID: 201303150620.14142.renaud () olgiati-in-paraguay ! org
[Download RAW message or body]
I wrote some years ago a how-to block sites with a /etc/hosts file.
As there seems to be interest I am posting it again.
=
Cheers,
=
Ron.
-- =
Ars imitatio naturae est.
-- Lucius Annaeus Seneca
=
-- http://www.olgiati-in-paraguay.org --
=
Stopping pop-up adds on a LAN with an extended hosts file on the IPCop =
firewall
Why block popups ?
Because pop-ups not only waste your bandwidth, increase the load-up time of =
web-pages and generate annoyance, but many of them (starting with doublecli=
ck) =
track your web usage, and endanger your privacy.
How can I block pop-ups ?
The easiest way is to use an extended /etc/hosts file, which redirect to IP =
127.0.0.1 all the known pop-up web sites.
On a LAN protected by an IPCop firewall, instead of hacking the hosts file=
of =
all the boxes on the LAN, you can do it on the IPCop box only, if the IPCop =
box is used as the primary DNS of the LAN.
Upside: only one hosts file to keep up to date.
Downside: more memory used on the IPCop box, a very slight increase in the =
response time for every DNS query. =
Note that web browsers will display some sort of "Unable to connect" warnin=
gs =
whenever a pop-up cannot be foud.
Procedure, for IPCop 1.4.21
- Make up your badhosts files (127.0.0.1 doubleclick.com etc) or download a =
ready-made one from the net.
You can find the one I use at http://www.olgiati-in-paraguay.org/badhosts .
- Copy it via scp to the IPCop box : scp -P 222 badhosts =
root@(ipcopboxname):/var/tmp/
- One problem we have with IPCop is that the /etc/hosts file it uses is =
generated anew from the data in /var/ipcop/main/hosts each time the hosts.c=
gi =
script is run from the GUI.
So we must find a way to append our list of bad hosts to /etc/hosts each ti=
me =
hosts.cgi is run; to this end the obvious way would be to modify hosts.cgi =
itself, but moddifying the perl script is a bit complicated; so here is a =
quick and dirty workaround:
- Create on the IPCop box a file /usr/bin/addbadhosts with the content::
(beware of wrapped lines below)
#!/bin/bash
# Append my blacklist of hosts from /var/tmp/badhosts to /etc/hosts if =
hosts.cgi
# has been run to update /var/ipcop/main/hosts.
#R.Olgiati, with thanks to Kevin W. Wall
if [[ ! /var/ipcop/main/hosts -ot /etc/hosts ]]
then
cat /var/tmp/badhosts >> /etc/hosts
/bin/killall -s HUP dnsmasq
fi
Then run fcrontab -e and add the following two lines to crontab:
# Added for /etc/hosts append of badhosts
*/10 * * * * /usr/bin/addbadhosts
which will ensure that even if you forget to run addbadhosts after modifyin=
g =
the hosts file through the GUI, the badhosts will be added to it within ten =
minutes.
Before you exit ssh you can also check your new host file with:
grep doubleclick /etc/hosts
The response time of the grep should reassure you concerning the possible =
delay in DNS queries.
=A9 Renaud Olgiati 2009; =
distributed under the Attribution-NonCommercial-NoDerivs 3.0 Unported Creat=
ive =
Commons Licence. renaud@olgiatipy.org
---------------------------------------------------------------------------=
---
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_mar
_______________________________________________
IPCop-user mailing list
IPCop-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipcop-user
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic