FSAV PSB firewall deny rule, instead of Windows hosts file

etomcat Posts: 1,319 Superuser

Dear Sirs,


It is a time-honoured tradition to edit the Windows "system32/drivers/etc/hosts" to add a loopback or null entry for non-desirable site names, like blocking "ads.adfox.ru" and "textad.eroticmatch.com" et c.


With Windows 8.1, this habit is facing big obstacles, because there is a lot of UAC and sysrestore protection against modifying the hosts file and the computer slows down if the hosts file exceeds ~128kByte, while many adsite-badsite banning lists are 384-512kB in size. This problem can't be fixed without turning off the DNS Client service but then AD domain won't work properly.


So I thought of creating a traffic deny rule in FSAV PSB personal firewall "Internet Shield" against undesirable DNS names, to achieve the same hostfile-like functionality. Is that even possible? (I heard every setting is theoretically limited to max. 8kB in F-Secure, due to use of SNMP MIB structures.) If supported, is it possible to import from file or is it necessary to copy-paste each line manually?


Thanks for your kind attention, Sincerely:

Tamas Feher, Hungary.


  • Vad
    Vad Posts: 1,089 Forum Guru

    Hello Tamas,


    Yes, currently there is 8kB limitation for a policy setting on a PSB portal side.

    As a workaround you can create several firewall rules.

    Unfortunately, import from a file is not supported.


    Best regards,


This discussion has been closed.