BleepingComputer.com: DNS management

I'm looking to run some sort of vbscript at startup that will monitor dns requests and ip's browsed to, have a list of banned ip's/domain names stored on the server or in the vbscript then if a domain is flagged have the script send an email to a specified email address stating username, time and date and site they are on. Is this possible?

I've had a crack at installing dansguardian on our smoothwall but i don't really want to block the sites as staff are allowed on them during lunch, i had blocked them using dns but as some of the staff here are computer tech's, they knew to put the ip into the host file to get around this.

If you have another other idea's i'm open for suggestions!! At this stage i don't have the approval to buy any software to do this

You can only monitor if there is a box between the network and the router. You can also implement blocking. I did a project like this last year, and it was trivial to implement using a crap box, and I think I used Ubuntu on the intermediate box. I am assuming that your internet is not using the server as a gateway?

The topology is like this:

Router in bridge mode linked to smoothwall which is handling DNS requests, smoothwall links to a switch and the DMZ (two different network cards), from the switch links our Domain and Member servers (Domain controller passes dns requests to the smoothwall) and our PC's connect to the switch. Do you have any materials left over from the project you've done?