Can't figure out how to block snoop/spam domains
I tried to set up rules to block a number of snoop/spam domains belonging to Google, Amazon, et al. that permanently attach themselves to a TCP port. But, perhaps because I'm out of practice, I can't seem to do it.
The problem seems to be that the rule interface won't accept a DNS alias, e.g. "cloudfront.net", as a valid identifier.
cloudfront.net is not a valid FQDN that would resolve to an IP, so how can it be used in a rule that would need an IP?
;; QUESTION SECTION:
;cloudfront.net. IN A
;; AUTHORITY SECTION:
cloudfront.net. 60 IN SOA ns-418.awsdns-52.com. hostmaster.cloudfront.net. 1377556270 16384 2048 1048576 60
You can use an FQDN in an alias all you want, but it needs to resolve to an actual IP.
Ah, you're right – I didn't even try to ping it, I just presumed it was real since netstat presented the name rather than an IP addr.
Testing, I find that they use scratch node identifiers, which would appear to make rule maintenance impossible.
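The check behind the dig output quoted in the reply above, as an added example that is not part of the original thread: it parses dig text and reports whether a name yields A/AAAA addresses that an alias could use. The function names and the second sample (host.example.net, 192.0.2.x addresses) are constructed for illustration.

```python
import ipaddress

# dig output as quoted in the thread: SOA in AUTHORITY, no ANSWER section.
PAGE_OUTPUT = """\
;; QUESTION SECTION:
;cloudfront.net. IN A
;; AUTHORITY SECTION:
cloudfront.net. 60 IN SOA ns-418.awsdns-52.com. hostmaster.cloudfront.net. 1377556270 16384 2048 1048576 60
"""

# Constructed sample: a name that resolves through a CNAME to two addresses.
CONSTRUCTED_OUTPUT = """\
;; QUESTION SECTION:
;host.example.net. IN A
;; ANSWER SECTION:
host.example.net. 300 IN CNAME edge.example.net.
edge.example.net. 60 IN A 192.0.2.10
edge.example.net. 60 IN A 192.0.2.11
"""

def parse_dig(text):
    """Split dig output into {section name: [whitespace-split records]}."""
    sections, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith(";;") and line.endswith("SECTION:"):
            current = line[2:].split()[0]      # QUESTION / ANSWER / AUTHORITY
            sections[current] = []
        elif line and not line.startswith(";") and current:
            sections[current].append(line.split())
    return sections

def alias_addresses(text):
    """Return (verdict, addresses): can this name back a firewall alias?"""
    sections = parse_dig(text)
    addrs = []
    for rec in sections.get("ANSWER", []):     # fields: name ttl class type rdata
        if len(rec) >= 5 and rec[3] in ("A", "AAAA"):
            addrs.append(str(ipaddress.ip_address(rec[4])))
    if addrs:
        return "resolves", addrs
    if any(len(r) >= 4 and r[3] == "SOA" for r in sections.get("AUTHORITY", [])):
        return "no-address", []                # zone exists, name has no A/AAAA
    return "unknown", []

if __name__ == "__main__":
    for label, out in (("thread", PAGE_OUTPUT), ("constructed", CONSTRUCTED_OUTPUT)):
        print(label, alias_addresses(out))
```

A "no-address" verdict means the alias would stay empty, so a rule that references it would match nothing.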