It is a local classifier and it has only a small ruleset as we don't want to make any performance impact on our user system. It works against new domains not classified yet and its rulset is on 'Classifier > Ruleset'. We have an integratated auto-classifier that is called NxClassifier. If you have several thousands domains to block then add it into 'Classifier > Jahaslist'. If you need to group these domains then use 'Category > Custom'. To block a single domain, the simplest way is to use Whitelist. You have to check some flags for Whitelist to be working. This find contains DoH servers as you don't want to allow these doamins while doing DNS filtering. And there are system block domains you can find in /nxfilter/conf/system-block.txt. Those are 2 domains we bypass at default. In old days, we have an option for bypassing microsoft domains but at the moment we add those domains into Whitelist with bypass_auth, bypass_filter flags at install time. When you add a domain or keyword into Whitelist, at default they become global whitelist and then you can select Applied Policy on their edit pages. I'd appreciate any insight as nxfilter is still quite new to me and while the documentation is helpful, it is sparse in some areas. Is that any different than a ruleset block? Classifier -> Jahaslist is to add a custom domain to the jahaslist i think.Not quite sure what Classifier -> Classified does, there doesn't seem to be any options on that.Classifier -> Ruleset and write a custom regex rule for that domain name?.Do I go to Category -> System, click "Add-domain" to a given category?.What is the best way to blacklist a single domain? It seems like there is about many many ways to block a domain. If "Bypass Filtering" or "Bypass Authentication" isn't checked, do these actually do anything? Does a flag have to be checked before they actually do anything? But those policies don't have any flags selected. But what I don't understand, is there are some default domains whitelisted, such as *. for example. With NXfilter I can either add it to the Common Bypass or as a single policy under Whitelist -> Domain. In my previous filter (SafeDNS) i could just add a domain to be whitelisted on a policy and it would be done. I read over the FAQ page but it didn't seem to cover what i wanted to know.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |