Block some users with Bind9
Michael Hoskins (michoski)
michoski at cisco.com
Wed Jul 25 01:38:53 UTC 2012
I would try using RPZ with a combination of views and match-clients.
From: Emiliano Vazquez <emilianovazquez at gmail.com>
Organization: PcCentro Informatica & CCTV
Date: Tuesday, July 24, 2012 10:32 AM
To: "bind-users at lists.isc.org" <bind-users at lists.isc.org>
Subject: Block some users with Bind9
>Hi to everyone!
>I'm stuck with this!
>I need to do the following but i did not find the real solution.
>I need to block some IPs from the LAN to specific places, like
>I do this with Squid but https transport is encripted and never goes to
>Squid. There are some news about interception of this port (443) but
>this is un newers version of squid (3.2.x)
>I wan't know if you know some tipe of configuration of Bind9 to do
>something like "OpenDNS" who give us this solution.
>I need to do:
>IP 192.168.1.10 Block access to https://www.facebook.com &
>IP 192.168.1.11 Full access without limitations.
>IP 192.168.1.12 Block access to https://www.gmail.com &
>I follow the instructions from this link
>http://www.deer-run.com/~hal/sysadmin/dns-advert.html and get it working
>but the DNS act for all the machines in the network.
>It's possible to make what i wan't to do?
>Best regards and thanks for share your time.
>Emiliano Vazquez | PcCentro Informatica & CCTV
>Office: +54 (11) 4951-0203 Interno 4
>Mail: emilianovazquez at gmail.com
>Please visit https://lists.isc.org/mailman/listinfo/bind-users to
>unsubscribe from this list
>bind-users mailing list
>bind-users at lists.isc.org
More information about the bind-users