Two common Linux based firewall systems that I have used are IPCop and IPFire. IPCop appears to be no longer a going project. IPFire appears to be based on either IPCop or it is a fork of IPCop but I'm not sure. IPFire is a going project with regular updates, new add-ons and growth. Both have local domain name systems (DNS) used to gather domain information and cache it locally for the benefit of the system inside, or on the green network, of the firewall. Each uses a different solution but with each there is a need from time-to-time where you'd like to flush the local DNS cache. Procedures to do so are shown below.

IPCop

IPCop firewall 1.x uses "dnsmasq" to proxy client DNS requests. From the IPCop command line, issue the following command to cause dnsmasq to clear the currently cached DNS entries and start building new entries:

kill -s SIGHUP processid

Where

processid

should be replaced with the process id number for dnsmasq.

The command:

pidof dnsmasq

... will return the process id number. Putting it all together, the full command line to flush the cache would be:

kill -s SIGHUP $(pidof dnsmasq)

IPFire

IPFire uses "unbound" as a local caching DNS server, which uses a control program to manage the server. The control program, "unbound-control", has many functions that can be learned from the associated man page. Here are the key ones used to control the cache.

To flush all entries from the cache (note the dot character '.' at the end of the statement):

unbound-control flush_zone .

To flush just a single host name:

unbound-control flush www.youtube.com

To print the entire cache to the console:

unbound-control dump_cache