28.5. DNS Blacklist

The DNS Blacklist blocks the resolving of some defined domains.

28.5.1. Enable DNS Blacklist resource

To enable the DNS blacklist the DNS Relay must be enabled and the RELAY-BLACKLIST parameter must be set to yes.

[10:51:02] ABILIS_CPX:s p dns relay:yes

COMMAND EXECUTED

[10:52:17] ABILIS_CPX:s p dns relay-blacklist:yes

COMMAND EXECUTED

[10:52:33] ABILIS_CPX:d p dns

RES:Dns - Not Saved (SAVE CONF), Not Refreshed (INIT) -------------------------
Run    DESCR:Domain_Name_System
       LOG:NO           ACT:YES
       udp-locport:53   SRCADD:OUT-IP                      TOS:0-N
       wdir:C:\APP\DNS\
       - Resolver -------------------------------------------------------------
       SERVERS:AUTO
       PRIMARY:008.008.008.008   SECONDARY:008.008.004.004
       DELAY:5                   RTY:1
       CACHE:YES                 cache-size:500
       - Relay/Server ---------------------------------------------------------
       RELAY:YES                 relay-size:500            RELAY-TOUT:10
       RELAY-BLACKLIST:YES       RELAY-BLACKLIST-BYPASS:#
       SERVER:NO
       IPSRC:*                   IPSRCLIST:#  
[Caution]Caution

To activate the changes made on the upper case parameters, execute the initialization command init res:dns; while to set act the changes made on the lowercase parameters a save conf and an Abilis restart are required (i.e. with warm start command).

28.5.2. DNS Blacklist tables

The following command shows the list of the resolved domains:

[10:55:50] ABILIS_CPX:d dns blacklist resolved

Resolved domains (9/2000):

FQDN
-------------------------------------------------------------------------------
- fhr.data.mozilla.com
- dns.msftncsi.com
- gtssl-ocsp.geotrust.com
- example.com
- www.iana.org
- antek.it
- www.aylook.com
- www.antek.it
- www.elettrorapido.com
-------------------------------------------------------------------------------

To add a domain to the list of banned domains, use the following command:

[10:56:08] ABILIS_CPX:a dns blacklist banned dn:example.com

COMMAND EXECUTED

[10:56:34] ABILIS_CPX:d dns blacklist banned

Banned domains (1/2000):

DN
-------------------------------------------------------------------------------
- example.com
-------------------------------------------------------------------------------

To remove a domain from the list of banned domains use the following command

[10:56:48] ABILIS_CPX:c dns blacklist banned dn:example.com
                                                                     
COMMAND EXECUTED

28.5.3. DNS Blacklist management through the web interface

To manage the DNS Blacklist using the web interface go on the Abilis homepage, login and click on Web filter.

Figure 28.1. DNS Blacklist web interface 1

DNS Blacklist web interface 1

There are 2 ways to put a domain in the banned domains list:

  • Select the domain from the 'Resolved domains' list and click on 'Full domain', '2nd level', '3rd level' or '4th level'.

  • Insert the domain into the textbox near to the 'Ban domain' button and click Ban domain.

Click on Submit to save and apply the changes.

Figure 28.2. DNS Blacklist web interface 2

DNS Blacklist web interface 2

To remove a domain from the Banned list, select it and click on Remove. Click on Submit to save and apply the changes.

Figure 28.3. DNS Blacklist web interface 3

DNS Blacklist web interface 3