Look in /etc/sysconfig/SuSEfirewall2. You can enter the name of a file with your own rules to add.
Code:
## Type: string
#
# 25.)
# Do you want to load customary rules from a file?
#
# This is really an expert option. NO HELP WILL BE GIVEN FOR THIS!
# READ THE EXAMPLE CUSTOMARY FILE AT /etc/sysconfig/scripts/SuSEfirewall2-custom
#
#FW_CUSTOMRULES="/etc/sysconfig/scripts/SuSEfirewall2-custom"
FW_CUSTOMRULES=""
You might want to block outbound traffic instead of INPUT to block contacting the website.
Part of the reason your rule didn't work is because it is located after a rule that accepted the traffic.
Code:
sudo /usr/sbin/iptables -L OUTPUT
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED
Use the OUTPUT or INPUT filter to only list the table you need and insert the rule where it needs to be.
If your test iptables command works, then edit /etc/sysconfig/SuSEfirewall2 and /etc/sysconfig/scripts/SuSEfirewall2-custom so that your rule is run when the firewall service starts.
Because the OUTPUT table is probably not used much, you could create a startup script in /etc/rc.d/ that runs after the SuSEfirewall2 service and inserts a rule before the others in the OUTPUT table. If you use -I (inserting) instead of -A (adding) the rule, your iptables command would probably work.
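The ordering problem described in this post can be checked mechanically. The following is an added example, not part of the original post: it reads `iptables -S OUTPUT` style output and reports which DROP/REJECT rules sit behind an ACCEPT that already matches new outbound connections. The sample rules, the address 203.0.113.10, the `-o lo` match on the first rule and the function names are all constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in `iptables -S OUTPUT` format (not from the original post).
# The DROP was appended with -A, so it lands after the state ACCEPT.
SAMPLE_RULES='-P OUTPUT ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -d 203.0.113.10/32 -j DROP'

# An ACCEPT is treated as "broad" when it has no address, protocol or
# interface match and, if it matches on state, the state list includes NEW.
AWK_PROG='
$1 == "-A" {
    n++; target = ""; narrow = 0; has_state = 0; has_new = 0
    for (i = 3; i <= NF; i++) {
        if ($i == "-j") target = $(i + 1)
        if ($i ~ /^-[sdpio]$/) narrow = 1
        if ($i == "--state" || $i == "--ctstate") {
            has_state = 1
            if (("," $(i + 1) ",") ~ /,NEW,/) has_new = 1
        }
    }
    if (!broad && target == "ACCEPT" && !narrow && (!has_state || has_new)) {
        broad = n
    } else if (broad && mode == "shadowed" && (target == "DROP" || target == "REJECT")) {
        print n
    }
}
END { if (mode == "first") print broad + 0 }'

# Position of the first broad ACCEPT in the chain, or 0 if there is none.
first_broad_accept() { awk -v mode=first "$AWK_PROG"; }

# Positions of DROP/REJECT rules that come after a broad ACCEPT and so
# never see the packets they were meant to block.
shadowed_rules() { awk -v mode=shadowed "$AWK_PROG"; }

pos=$(printf '%s\n' "$SAMPLE_RULES" | first_broad_accept)
for r in $(printf '%s\n' "$SAMPLE_RULES" | shadowed_rules); do
    echo "rule $r is never reached: rule $pos accepts the traffic first"
    # Inserting at that position puts the block ahead of the broad ACCEPT:
    echo "fix: iptables -I OUTPUT $pos -d 203.0.113.10 -j DROP"
done
```

On a live system, pipe the real chain in with `sudo /usr/sbin/iptables -S OUTPUT | shadowed_rules` instead of the sample.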