On 10/14/17, Walter Dnes <waltdnes@xxxxxxxxxxxx> wrote: > Rather than blocking by ephemeral names, howsabout blocking by IP > address? There may be multiple "virtual" web domains on that same ip, someof which are adservers you want the block and some of which are valid ones that you or your users may want to access. Depends on the ISP setup. But "in general" you may assume ad companies operate their own dedicated servers so most of the time your above appoach is ok. But sometimes not. May be they are too aware of this and they intentionally have virtual server over a floaiting set of IPs which also serve valid web domains to make counter-measures more difficult/complicated. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
