The invention is a firewall capable of blocking access to a website or other Internet node based on a domain name. A DNS request is monitored and a domain name is decoded from the DNS request. An IP address is received in a response to the DNS request. The IP address and domain name are associated with each other. The steps are executed non-intrusively with respect to traffic flow through the firewall. Afterward, a determination is made if the IP address is associated with a domain name for which access is restricted. If the domain name is a restricted domain name, access to content of the website is denied by blocking traffic flow on the basis of identifying the source IP address of data packets.