I am currently trying to block some websites by their domain names for all the clients of my OpenVPN server. My first idea was to use the /etc/hosts file. But, its effects seem to be limited to the host only and not to be taken in consideration by OpenVPN. I then tried to configure bind9 and to interface it with OpenVPN, but that solution was unsuccessful and uneasy to use. After this, I considered using iptables to drop all the packets from/to those websites but that forum thread made me thought otherwise since iptables' behavior with FQDN may generate complex issues. Have you got a solution to block websites for all clients using an OpenVPN server on which I am root?