Can't figure out how to block snoop/spam domains

  • I tried to set up rules to block a number of snoop/spam domains belonging to google, amazon, et al. that permanently attach themselves to a tcp port.  But, perhaps because I'm out of practice, I can't seem to do it.

    The problem seems to be that the rule interface won't accept a DNS alias, e.g. "", as a valid identifier.

  • LAYER 8 Global Moderator is not a valid FQDN that would resolve to an IP, so how can it be used in a rule that would need an IP?

    ;                        IN      A

    ;; AUTHORITY SECTION:        60      IN      SOA 1377556270 16384 2048 1048576 60

    You can use a fqdn in an alias all you want, but it needs to resolve to an actual IP

  • ah, you're right – I didn't even try to ping it, I just presumed it was real since netstat presented the name rather than an ip addr.

    Testing, I find that they use scratch node identifiers, which would appear to make rule maintenance impossible