DNS-Block All Websites Except for Whitelisted Sites

6

4

echo 0.0.0.0 facebook.com >> /etc/hosts is a pretty simple solution to prevent facebook.com and its subsites from resolving to an IP address. (This is also how Linux Mint's Mint Nanny works.)

I would like to extend this to all sites except for a select few; however, I can't seem to find any workable solution on the web.

I have found some clues suggesting using a transparent proxy server; however, I can't seem to be able to get it to work.

Can anyone post a concrete, straightforward recipe on how to achieve this simple goal (in a Unix-like operating system, preferably a GNU/Linux)?

PSkocik

Posted 2013-07-30T13:21:58.207

Reputation: 1 182

2 How about only adding the whitelisted hosts to /etc/hosts and disabling external DNS lookup? (Note that people can still access those sites if they just use the site's IP rather than its name.) – Hennes – 2013-07-30T13:27:34.813

Answers

9

Use dnsmasq. This is a really neat service.

On Debian/Ubuntu/Mint:

sudo apt-get install dnsmasq

Edit /etc/dnsmasq.conf.

Add this line to make all sites redirect to localhost:

address=/#/127.0.0.1

Add these lines to make specific sites use the DNS server at 8.8.8.8:

server=/allowed.com/8.8.8.8

Then restart the dnsmasq service:

sudo service dnsmasq restart

iateadonut

Posted 2013-07-30T13:21:58.207

Reputation: 201
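
The configuration from the answer above, generated from a list of allowed domains. This is an added example, not part of the original answer; gen_allowlist, valid_domain and the sample domains are hypothetical names and constructed values. It relies on dnsmasq preferring a more specific server=/domain/ rule over the address=/#/ catch-all, and it rejects list entries containing characters that would change the meaning of the directive.

```shell
#!/bin/sh
# Added example: generate the dnsmasq allowlist config from a domain list.
UPSTREAM=8.8.8.8   # upstream resolver used in the answer above

# valid_domain NAME: succeed only for plain host names (letters, digits,
# '-' and '.'), so an entry cannot smuggle '/' or '#' into a directive.
valid_domain() {
    case "$1" in
        ''|.*|*.|*..*|-*|*-|*.-*|*-.*) return 1 ;;
        *[!A-Za-z0-9.-]*) return 1 ;;
    esac
    return 0
}

# gen_allowlist: read one domain per line on stdin, print config on stdout.
# Blank lines and '#' comments are skipped. Invalid entries are reported on
# stderr, left out of the config, and make the function return 1.
gen_allowlist() {
    _rc=0
    # Catch-all: any name without a more specific rule resolves to 127.0.0.1.
    echo 'address=/#/127.0.0.1'
    while IFS= read -r line || [ -n "$line" ]; do
        # Drop comments, trim surrounding whitespace, lower-case the name.
        d=$(printf '%s\n' "${line%%#*}" |
            sed 's/^[[:space:]]*//; s/[[:space:]]*$//' | tr 'A-Z' 'a-z')
        [ -z "$d" ] && continue
        if valid_domain "$d"; then
            # Forwarded upstream; covers the domain and its subdomains.
            echo "server=/$d/$UPSTREAM"
        else
            echo "skipped invalid entry: $line" >&2
            _rc=1
        fi
    done
    return "$_rc"
}

# Demo on a constructed list; append the output to /etc/dnsmasq.conf.
gen_allowlist <<'EOF'
# constructed sample entries
allowed.com
Static.Allowed-CDN.example
EOF
```

Check the resulting configuration with dnsmasq --test before restarting the service.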

0

You don't need to DNS block. Setting up an Apache mod_proxy and ProxyBlock would be enough.

user218473

Posted 2013-07-30T13:21:58.207

Reputation: