Need help with blocking sites/editing Hosts file

RodWC · 05-01-2007, 11:29 PM

Hi everyone. I have a friend who needs porn blocking on his computer, and I think editing the hosts file will be the simplest thing at this point (unless you all have better suggestions. Tried squid, complicated and did not work with a large domains file). I'd like to take the domains file I downloaded for squid and add it to the hosts file, but I would need to add 127.0.0.1 to the beginning of each line. I know there must be a simple low level command for doing this, but what is it?

Thanks for any help or alternative suggestions.

Also, is there a way to protect the hosts file so that even someone with the root password can not edit it? This wouldn't be entirely necessary but would be very useful.

Matir · 05-02-2007, 12:00 AM

You could make it harder for someone to edit by changing it to be read-only. But the idea behind root is that they can do anything.

Try a command like this to append the 127.0.0.1 you need and add the entries to /etc/hosts:

Code:

sed 's/^/127.0.0.1 /' HOSTSFILE >> /etc/hosts

jschiwal · 05-02-2007, 12:02 AM

If the file consists of only domain addresses, then you could use sed to edit the file:
sed 's/^/127.0.0.1/' filename >newfilename

A very long linear list increases the time time to search proportionally to the length of the list.

Whatever you do to protect the /etc/hosts file can be undone by root. It would be a better solution if the only access to the internet is through a gateway device or computer that is physically locked up.

RodWC · 05-02-2007, 07:01 AM

Thanks guys! If I were to make the Internet come through a computer as a gateway, would editing the hosts file on the gateway computer be sufficient?

RodWC · 05-02-2007, 07:47 AM

now I seem to have another problem . . . The information in the hosts file is entered as such:

127.0.0.1 badsite.com
127.0.0.1 badsite2.com

And so on. The problem is, it's not working. Is it possible for the hosts file to be too big (how about 17Mb)?

RodWC · 05-02-2007, 08:38 AM

His DSL ISP, Embarq, has it's own blocking service, but it only has software for Windows. Supposedly this software makes so the computer uses blocking through the ISP itself. Would there be a way to access their 'restricted' server from Linux and block other access? The program is called fsecure. They were unable to get it running through Wine.

RodWC · 05-02-2007, 02:14 PM

Okay I figured it out. It must be written like www.google.com instead of google.com, so I ran the sed command twice. Once to add the 127.0.0.1 and the second time to add '127.0.0.1 www.' so I now have over twice the file size (40Mb!) but that seems to be working. Thanks for the help.

Of course there is still the issue of root access.

Matir · 05-02-2007, 02:17 PM

Why are you trying to limit root's access to the file?