LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 12-04-2004, 03:08 AM   #1
poiuytrewq
Member
 
Registered: Jul 2004
Posts: 107

Rep: Reputation: 15
blocking specific websites, but allowing internet access


hi, i have a machine that i would like to be able to block access to certain websites on (per user or machine wide will work) but i still want to allow access to all of the internet.

is there an easy way to do this?

using:
fedora core 2
firefox 1.0-1
 
Old 12-04-2004, 03:24 AM   #2
musicman_ace
Senior Member
 
Registered: May 2001
Location: Indiana
Distribution: Gentoo, Debian, RHEL, Slack
Posts: 1,555

Rep: Reputation: 46
set the site in the hosts file to be spoofed

127.0.0.1 blockedsite.com

I'm going to try using IPtables when I get the chances, something like

IPTABLES -A OUTPUT -d hotmail.com -reject-with icmp-host-unreachable

I've searched this site, and someone posted the iptables method, but I have never actually tried it. If it works, I'm going to use a blacklist of websites and create a script to block more than 200 sites.

Last edited by musicman_ace; 12-04-2004 at 03:27 AM.
 
Old 12-04-2004, 03:35 AM   #3
poiuytrewq
Member
 
Registered: Jul 2004
Posts: 107

Original Poster
Rep: Reputation: 15
thanks for the help, but i have tried that, it does not seem to work, what do i need to do to make it take effect? (i typed everything correctly, i promise)
 
Old 12-04-2004, 03:42 AM   #4
poiuytrewq
Member
 
Registered: Jul 2004
Posts: 107

Original Poster
Rep: Reputation: 15
this for instace:
Code:
 #
# hosts.deny	This file describes the names of the hosts which are
#		*not* allowed to use the local INET services, as decided
#		by the '/usr/sbin/tcpd' server.
#
# The portmap line is redundant, but it is left to remind you that
# the new secure portmap uses hosts.deny and hosts.allow.  In particular
# you should know that NFS uses portmap!

ALL:ALL
had no effect
 
Old 12-04-2004, 04:50 AM   #5
musicman_ace
Senior Member
 
Registered: May 2001
Location: Indiana
Distribution: Gentoo, Debian, RHEL, Slack
Posts: 1,555

Rep: Reputation: 46
Put squid on the firewall/gateway and do content filtering through squid
 
Old 12-04-2004, 07:00 PM   #6
EnigmaOne
LQ Newbie
 
Registered: Aug 2003
Location: Long Beach, CA - USA
Distribution: Too many to count...
Posts: 28

Rep: Reputation: 15
Quote:
Originally posted by poiuytrewq
thanks for the help, but i have tried that, it does not seem to work, what do i need to do to make it take effect? (i typed everything correctly, i promise)
Yeah....hosts.deny won't have any effect....you want to edit /etc/hosts as was illustrated previously. Just point the blocked site to the loopback addy, and save the file.

In some cases, I've run into situations where I have to enter multiple permutations of the site name (subdomains, etc) to get the desired effect. You don't have to do anything but save the file, and it'll be in effect immediately.

Such is life with kids in the house. and my hosts file passed 300KB in size a while back.

Last edited by EnigmaOne; 12-04-2004 at 09:47 PM.
 
Old 08-31-2006, 11:45 PM   #7
fakie_flip
Senior Member
 
Registered: Feb 2005
Location: san antonio, texas
Distribution: Fedora 64 bit RAID0 + LUKS, CentOS (server), Backtrack, Gentoo Hardened
Posts: 1,440

Rep: Reputation: 80
What am I doing wrong? I haven't been able to block any websites.

Code:
ubuntu@ubuntu:~$ IPTABLES -A OUTPUT -d hotmail.com -reject-with icmp-host-unreachable
bash: IPTABLES: command not found
ubuntu@ubuntu:~$ iptables -A OUTPUT -d hotmail.com -reject-with icmp-host-unreachable
iptables v1.3.3: Unknown arg `hotmail.com'
Try `iptables -h' or 'iptables --help' for more information.
ubuntu@ubuntu:~$
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Blocking Specific Programs from Network Access? Trip in VA Linux - Newbie 23 08-06-2006 02:47 PM
Blocking access to specific Websites and IP Ports fieldyweb Linux - Newbie 3 12-02-2005 05:32 AM
Allowing access only to specific websites? matux Linux - Security 2 11-28-2005 09:18 PM
Allowing specific programs access to needed ports The MCP Linux - Security 5 03-31-2005 05:21 PM
linblock blocking websites synaptical Linux - Software 3 09-07-2004 11:12 PM


All times are GMT -5. The time now is 10:35 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration