Re: [F25] issue with SSL connexions: Failure of SSL transaction with

stan:
>> One thing I know slows down browsing is the way sites outsource much
>> of their content.  The browser has to access many sites on the web to
>> put together a page for you to view.  Blocking this as much as
>> possible not only speeds up page loading, but also hinders tracking
>> sites.

Peter SkensvedL:
>   mvps is your friend here :
> 
> http://winhelp2002.mvps.org/hosts.htm 

Way back in the past, I used to do that kind of thing, but found that my
PCs struggled with moderately large hosts files, never mind one that
big.  It made all domain name look-ups slow, as everything had to
trawl through that hosts file, first.

Whether that's still an issue, I don't know.  But I ended up doing the
same thing with my local DNS server, instead.  It offloaded the
burden to a central point, to software that was designed to be good at
DNS resolutions.  So one thing in my LAN takes care of all my computers.

I also did it slightly differently, rather than return a bogus IP for
the blocked sites, such as their 0.0.0.0 answer, I return a no-answer
(i.e. no such domain exists).  That quickly kills off any connection
attempt.

Some software will try to do something with a 0.0.0.0 IP, regardless of
whether they ought to, or not.  Likewise, giving forbidden domains the
127.0.0.1 IP of your own computer causes its own problems, masses of
bogus connection attempts to non-existent things on your own computer.
All of which wait for the attempt to time-out and fail.  Or, if you have
a local webserver, hammer your webserver for non-existent files.

My named.conf file is populated with configuration lines like this:

zone "adimages.com"             { type master; file  "dead.zone"; };
zone "admonitor.com"            { type master; file  "dead.zone"; };
zone "adsfac.net"               { type master; file  "dead.zone"; };
zone "advertising.com"          { type master; file  "dead.zone"; };

One per forbidden domain, or sub-domain (if I want partial blocking,
such as doing nothing about example.com but killing ads.example.com).

To avoid cluttering your named.conf file, you could use a second
"blocking" file, that named.conf imports when it starts up.  That would
allow easier manipulation of it, with less risk to the normal
configuration.

And this is the entire contents of the dead.zone file:

$TTL 10
@       IN      SOA     ns.localdomain.  hostmaster.mail.localdomain. (
                        202 ; serial
                        20 ; refresh
                        20 ; retry
                        20 ; expire     
                        20 ; ttl
                        )


        IN      NS      ns.localdomain.

It has the basic details required for a zone file (in that incarnation
of the BIND DNS server), but no records to return any IPs.

However, all of these methods start to fail in some modern browsers,
which started doing their own DNS look-ups.  Why they do that can be
guessed at being due to two things:

Realising that many users have awful ISPs (as I did, which is why I've
run my own DNS servers for many years), they took the easy solution of
having their web browser product use some *other* DNS server.

As a counteraction so that adblockers wouldn't stop their product from
showing adverts.

There's been a bit of an outcry about that last issue.  And I'd noticed
some blocked things (by my DNS server) getting through in recent times.

If advertisers weren't such bastards, there wouldn't be a need for such
blocking.  Some small advert sitting out of the way on the side of a
page isn't worth caring about.  But there are sites where there's more
advertising than content, badly written scripts that peg your CPU at
100%, tracking, spyware, malware, etc.  If advertisers want to bitch
about being blocked, they need to take a long hard look in the mirror.

-- 
[tim@localhost ~]$ uname -rsvp
Linux 3.9.10-100.fc17.x86_64 #1 SMP Sun Jul 14 01:31:27 UTC 2013 x86_64

Boilerplate:  All mail to my mailbox is automatically deleted, there is
no point trying to privately email me, I only get to see the messages
posted to the mailing list.

Ha ha ha ha... (I couldn't think of a good joke, so I supplied a laugh
track, instead.)
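
Added example, not part of the original post: one way to generate the separate "blocking" file described above from a hosts-format list, emitting one zone line per domain in the same form as the named.conf lines shown. The SAMPLE input is constructed, and the function names are hypothetical; names are strictly validated so that a stray quote or semicolon in a third-party list cannot end up in the BIND configuration.

```python
import re

# One DNS label: letters, digits, hyphen; no leading or trailing hyphen; 1-63 chars.
LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")
SKIP = {"localhost", "localhost.localdomain", "broadcasthost"}

def parse_hosts(text):
    """Return the set of valid hostnames found in hosts-file style text."""
    names = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        # hosts format is "<ip> <name> [alias...]"; the address column is ignored
        for name in fields[1:]:
            name = name.lower().rstrip(".")
            labels = name.split(".")
            if name in SKIP or len(labels) < 2 or len(name) > 253:
                continue
            if all(LABEL.fullmatch(label) for label in labels):
                names.add(name)
    return names

def prune_covered(names):
    """Drop names under an already blocked parent; the parent zone answers for them."""
    kept = set()
    for name in sorted(names, key=lambda n: n.count(".")):
        labels = name.split(".")
        parents = {".".join(labels[i:]) for i in range(1, len(labels))}
        if not parents & kept:
            kept.add(name)
    return kept

def zone_lines(names, zone_file="dead.zone"):
    """Format one named.conf zone statement per remaining name."""
    return ['zone "%s" { type master; file "%s"; };' % (n, zone_file)
            for n in sorted(prune_covered(names))]

# Constructed sample input (hosts format, including two malformed names).
SAMPLE = """\
127.0.0.1  localhost
0.0.0.0  adimages.com
0.0.0.0  ads.example.com   # partial block, example.com itself untouched
0.0.0.0  tracker.ads.example.com
0.0.0.0  ADSFAC.net
0.0.0.0  quote".example.org
0.0.0.0  -broken-.example.net
"""

if __name__ == "__main__":
    print("\n".join(zone_lines(parse_hosts(SAMPLE))))
```

The output can be written to its own file and pulled into named.conf with BIND's include statement, then checked with named-checkconf before reloading.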

