This is the documentation of NFDNSBL, a NF_QUEUE client that can check any DNSBL and act accordingly.
In a nutshell, a DNSBL is way to publish blacklists. See http://en.wikipedia.org/wiki/DNSBL for more informations.
We simply redirect packets to a queue in userspace (target NFQUEUE) using iptable. NFDNSBL then get these packets, extract the source IP address, query a dnsbl server and act. It can accept the packet, drop it or mark it and reinject it in iptable.