[rbldnsd] $TIMESTAMP - is per dataset expiry possible?

Paul McClure paul1 at px1.1812net.net
Thu Apr 27 23:20:52 MSD 2006 

Hey, I like that.

Another concept I had thought of was somehow putting entries directly into the
DNS cache and then allowing the TTL to expire the entries. This would
eliminate the need to store them in a file at all. No idea how this could be
done. Seems like everyone is pointing me away from relying on any kind of
DNS-based system to expire the records. I still feel DNS is almost a natural
existing system to leverage off of since expiries are innate to DNS.

Having said that, I like your SQL suggestion. It's possible someone else has
already built something similar.


Jon Lewis wrote:

> On Wed, 26 Apr 2006, Paul McClure wrote:
>
>> local-whitelist. Then, I was going to have the -g option tag the TXT
>> record on each list with an expiry time (5 minutes for BL, 24 hours for
>> WL). I could write this code relatively easily. However, there needs to
>> be some method to clear out the expired records from the local-blacklist
>> and local-whitelist. Perhaps, a cron job that ran some script. Or, I
>> could modify the -r and -a options to ignore expired records. That would
>> work too, but the lists would grow and grow and probably still require
>> some system to clear them regularly (cron job?). These solutions are not
>> very elegant.
>
> I think your best bet is to make your lists SQL based.  i.e. When you add
> an IP to your local black or white list, you add an IP and a timestamp
> saying when it was added.  Every N minutes, you run a script that expires
> entries older than $threshold from the db and then builds the rbldnsd data
> from whats left in the db.  i.e. "delete from table where NOW() - add_time
>> 300" if you want to expire after 5 minutes.
>
> ----------------------------------------------------------------------
>   Jon Lewis                   |  I route
>   Senior Network Engineer     |  therefore you are
>   Atlantic Net                |
> _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
> _______________________________________________
> rbldnsd mailing list
> rbldnsd at corpit.ru
> http://www.corpit.ru/mailman/listinfo/rbldnsd
>

More information about the rbldnsd mailing list