[Rabbit-dev] ad blocking
Robert Olofsson
robert.olofsson at khelekore.org
Tue Dec 14 20:39:03 CET 2010
On Tue, 14 Dec 2010 00:49:48 -0500
Luis Soltero <lsoltero at globalmarinenet.com> wrote:
> Does rabbit have the ability to block ads and malware sites using lists
> from aggregator sites such as ...
Depends on what you mean by blocking. Rabbit can easily deny requests
based on the url. The question is what action you want to take.
> This facility is very flexible but difficult to maintain in an every changing internet landscape. A better approach
> might be to use lists from aggragators who's mission is to keep up to date lists of sites that offer ads and malware.
Yes that might be a good idea.
> My first naive approach at solving this problem was to augment /etc/hosts on our proxy server with lists from the above
> sites. I soon discovered rabbit ignored these. It seems that rabbit uses javands to access the DNS service directly to
> do queries ignoring the system resolver. So replacing /etc/hosts does not work.
Rabbit uses dnsjava by default, but you can change it in rabbit.conf:
[dns]
dnsHandler=rabbit.dns.DNSSunHandler
But please note that some jvms/OS:es will do only one dns lookup at
a time, causing big problems if you have many users. My linux used
to do such things.
> 1. rabbit reads the bad host table on startup and then keeps an internal table for lookups (our current host table has
> over 600K entries so this approach should be manageable)
Easy, will use some memory, but probably manageable amounts by todays
hardware specifications.
> 2. a better approach might be to query an sql table for bad hosts prior to the lookup. This would be faster and more
> dynamic since the table could be updated automatically from an external process.
Easy to do. I can try to take a hack at it during the winter holidays.
/robo
More information about the Rabbit-dev
mailing list