4

Im trying to setup a 'whitelist' DNS server for a small school network to prevent the kids accessing inappropriate sites (ie. students should only be able to access a pre-selected list of sites) and be forwarded to an access-denied page if they try accessing such a page.

Im aware this can be done using Squid3 but in this specific case its not a viable option.

I read the man named page as well as a number of tech sites and Im not having much luck. If any one could give me nudge in the right direction, I'd really appreciate it.

-Cheers

garyj
  • 41
  • 2

1 Answers1

2

BIND is really unsuited to this scenario, since it is primarily a large-scale authoritative nameserver.

You could, of course, define forward zones for everything you wish to whitelist, and then have those zones resolved by a second instance, but that is convoluted beyond measure.

Just use a proxy with good access control, such as Squid-cache.

adaptr
  • 16,576
  • 23
  • 34
  • Unfortunately we cant use squid (as mentioned) for banwidth reasons. but if you have any other possible solutions I would really love to hear them. as it stands I think I will be using powerdns – garyj Apr 27 '12 at 14:20
  • -1 Your answer is to use something the OP said wasn't possible. – Andrew Ensley Aug 23 '13 at 20:38