LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - General (https://www.linuxquestions.org/questions/linux-general-1/)
-   -   blocking specific websites, but allowing internet access (https://www.linuxquestions.org/questions/linux-general-1/blocking-specific-websites-but-allowing-internet-access-262411/)

poiuytrewq 12-04-2004 03:08 AM
blocking specific websites, but allowing internet access
 
hi, i have a machine that i would like to be able to block access to certain websites on (per user or machine wide will work) but i still want to allow access to all of the internet.

is there an easy way to do this?

using:
fedora core 2
firefox 1.0-1

musicman_ace 12-04-2004 03:24 AM
set the site in the hosts file to be spoofed

127.0.0.1 blockedsite.com

I'm going to try using IPtables when I get the chances, something like

IPTABLES -A OUTPUT -d hotmail.com -reject-with icmp-host-unreachable

I've searched this site, and someone posted the iptables method, but I have never actually tried it. If it works, I'm going to use a blacklist of websites and create a script to block more than 200 sites.

poiuytrewq 12-04-2004 03:35 AM
thanks for the help, but i have tried that, it does not seem to work, what do i need to do to make it take effect? (i typed everything correctly, i promise)

poiuytrewq 12-04-2004 03:42 AM
this for instace:
Code:
#
# hosts.deny        This file describes the names of the hosts which are
#                *not* allowed to use the local INET services, as decided
#                by the '/usr/sbin/tcpd' server.
#
# The portmap line is redundant, but it is left to remind you that
# the new secure portmap uses hosts.deny and hosts.allow.  In particular
# you should know that NFS uses portmap!

ALL:ALL
had no effect

musicman_ace 12-04-2004 04:50 AM
Put squid on the firewall/gateway and do content filtering through squid

EnigmaOne 12-04-2004 07:00 PM
Quote:
Originally posted by poiuytrewq
thanks for the help, but i have tried that, it does not seem to work, what do i need to do to make it take effect? (i typed everything correctly, i promise)
Yeah....hosts.deny won't have any effect....you want to edit /etc/hosts as was illustrated previously. Just point the blocked site to the loopback addy, and save the file.

In some cases, I've run into situations where I have to enter multiple permutations of the site name (subdomains, etc) to get the desired effect. You don't have to do anything but save the file, and it'll be in effect immediately.

Such is life with kids in the house. ;) and my hosts file passed 300KB in size a while back.

fakie_flip 08-31-2006 11:45 PM
What am I doing wrong? I haven't been able to block any websites.

Code:
ubuntu@ubuntu:~$ IPTABLES -A OUTPUT -d hotmail.com -reject-with icmp-host-unreachable
bash: IPTABLES: command not found
ubuntu@ubuntu:~$ iptables -A OUTPUT -d hotmail.com -reject-with icmp-host-unreachable
iptables v1.3.3: Unknown arg `hotmail.com'
Try `iptables -h' or 'iptables --help' for more information.
ubuntu@ubuntu:~$


All times are GMT -5. The time now is 04:28 PM.