>
> ---------- Forwarded Message -----------
> From: "Daniel Zilli" <daniel@xxxxxxxxxxxxxxxxxxxxx>
> To: Peter Albrecht <peter.albrecht@xxxxxxxxxx>
> Sent: Thu, 27 Sep 2007 10:02:36 -0300
> Subject: Re: blacklist format
>
> I think that i am misunderstanding srcdomain and dstdomain :-)
> Some help here. Which one should i use to build my blacklist ?
>
> Thanks
> Daniel
>
dstdomain - fastest destination blocking ACL around.
acl to dstdomain .google.com
- blocks anybody requesting www.google.com, etc.
srcdomain - slightly slower blocking of clients by machine *name*
acl from srcdomain .dhcp.example.com
- does rDNS lookup to figure out who client is
- blocks them if rDNS resolves to 1.2.3.4.dhcp.example.com, etc.
Amos
