Website filtering for OpenVPN clients

Asche asked:

I am currently trying to block some websites by their domain names for all the clients of my OpenVPN server.

My first idea was to use the /etc/hosts file. But, its effects seem to be limited to the host only and not to be taken in consideration by OpenVPN.

I then tried to configure bind9 and to interface it with OpenVPN, but that solution was unsuccessful and uneasy to use.

After this, I considered using iptables to drop all the packets from/to those websites but that forum thread made me thought otherwise since iptables’ behavior with FQDN may generate complex issues.

Have you got a solution to block websites for all clients using an OpenVPN server on which I am root?

My answer:

You do it the same way you block websites for users on your company network: Run a proxy server and force everyone’s web traffic through it.

View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.