LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 12-01-2004, 04:25 PM   #1
corso64
LQ Newbie
 
Registered: Apr 2004
Distribution: Red Hat 9.0 + FC2 + SuSE 9.x
Posts: 27

Rep: Reputation: 15
Question blocking a site with /etc/hosts


I'm currently running Fedora Core 2 and am attempting to block ads coming from the many doubleclick sites, particularly the Microsoft 'Get the facts' ad that are served with every linuxtoday pageview. I've tried using entries in /etc/hosts and Firefox with Adblock and the following entries in the Adblock filter section:

*doubleclick*
doubleclick.net
ad.doubleclick.net
http://*.doubleclick.net

with no luck. So I added the following section to my /etc/hosts file with the ad still getting through:

# doubleclick
127.0.0.1 3ad.doubleclick.net
127.0.0.1 ad.3au.doubleclick.net
127.0.0.1 ad.au.doubleclick.net
127.0.0.1 ad.br.doubleclick.net
127.0.0.1 ad.ca.doubleclick.net
127.0.0.1 ad.de.doubleclick.net
127.0.0.1 ad.doubleclick.net
127.0.0.1 ad.es.doubleclick.net
127.0.0.1 ad.fi.doubleclick.net
127.0.0.1 ad.fr.doubleclick.net
127.0.0.1 ad.it.doubleclick.net
127.0.0.1 ad.jp.doubleclick.net
127.0.0.1 ad.n2434.doubleclick.net
127.0.0.1 ad.nl.doubleclick.net
127.0.0.1 ad.no.doubleclick.net
127.0.0.1 ad.pl.doubleclick.net
127.0.0.1 ad.se.doubleclick.net
127.0.0.1 ad.sg.doubleclick.net
127.0.0.1 ad.uk.doubleclick.net
127.0.0.1 ad.ve.doubleclick.net
127.0.0.1 ad.za.doubleclick.net
127.0.0.1 ad2.doubleclick.net
127.0.0.1 doubleclick.com
127.0.0.1 doubleclick.de
127.0.0.1 doubleclick.net
127.0.0.1 exnjadgda1.doubleclick.net
127.0.0.1 exnjadgda2.doubleclick.net
127.0.0.1 exnjadgds1.doubleclick.net
127.0.0.1 exnjmdgda1.doubleclick.net
127.0.0.1 exnjmdgds1.doubleclick.net
127.0.0.1 gd1.doubleclick.net
127.0.0.1 gd10.doubleclick.net
127.0.0.1 gd11.doubleclick.net
127.0.0.1 gd12.doubleclick.net
127.0.0.1 gd13.doubleclick.net
127.0.0.1 gd14.doubleclick.net
127.0.0.1 gd15.doubleclick.net
127.0.0.1 gd16.doubleclick.net
127.0.0.1 gd17.doubleclick.net
127.0.0.1 gd18.doubleclick.net
127.0.0.1 gd19.doubleclick.net
127.0.0.1 gd2.doubleclick.net
127.0.0.1 gd20.doubleclick.net
127.0.0.1 gd21.doubleclick.net
127.0.0.1 gd22.doubleclick.net
127.0.0.1 gd23.doubleclick.net
127.0.0.1 gd24.doubleclick.net
127.0.0.1 gd25.doubleclick.net
127.0.0.1 gd26.doubleclick.net
127.0.0.1 gd27.doubleclick.net
127.0.0.1 gd28.doubleclick.net
127.0.0.1 gd29.doubleclick.net
127.0.0.1 gd3.doubleclick.net
127.0.0.1 gd30.doubleclick.net
127.0.0.1 gd31.doubleclick.net
127.0.0.1 gd4.doubleclick.net
127.0.0.1 gd5.doubleclick.net
127.0.0.1 gd7.doubleclick.net
127.0.0.1 gd8.doubleclick.net
127.0.0.1 gd9.doubleclick.net
127.0.0.1 iv.doubleclick.net
127.0.0.1 ln.doubleclick.net
127.0.0.1 m.doubleclick.net
127.0.0.1 m1.doubleclick.net
127.0.0.1 m2.doubleclick.net
127.0.0.1 m3.doubleclick.net
127.0.0.1 m4.doubleclick.net
127.0.0.1 m5.doubleclick.net
127.0.0.1 m6.doubleclick.net
127.0.0.1 m7.doubleclick.net
127.0.0.1 m8.doubleclick.net
127.0.0.1 m9.doubleclick.net
127.0.0.1 n479ad.doubleclick.net
127.0.0.1 optimize.doubleclick.net
127.0.0.1 rd.intl.doubleclick.net
127.0.0.1 uunyadgda1.doubleclick.net
127.0.0.1 uunyadgds1.doubleclick.net

What am I missing?
In case it helps, the following URL using Firefox with Adblock still displays the d*mned MS ad...just pisses me off (maybe I should just quit going to linuxtoday ;-)

http://www.linuxtoday.org/

The offending HTML references doubleclick as follows:

<<tr>
<td><div id="mscnavi" style="width:345px"><a href="http://ad.doubleclick.net/click;h=v2|347D|0|0|%2a|p;11381666;2-0;0;10368124;31-1|1;7381392|7399288|1;;%3fhttp://www.microsoft.com/windowsserversystem/facts/analyses/indaudit.mspx"><b>Veritest: Independent Audit Measures Swifter, Easier Deployment for Microsoft Windows</b>
<br>

"Microsoft Windows Small Business Server 2003
vs. Red Hat Enterprise Linux ES 2.1 Deployment" says that in time
and complexity, Windows is easier and faster to deploy.</a></div></td>
</tr>
<tr>
<td><div id="mscnavi" style="width:345px"><a href="http://ad.doubleclick.net/click;h=v2|347A|0|0|%2a|s;11381666;0-0;0;10368124;31-1|1;7328817|7346713|1;;%3fhttp://www.microsoft.com/windowsserversystem/facts/analyses/entcost.mspx"><b>Yankee Group: Large Enterprises: Switching from Windows to Linux "Prohibitively Expensive, Extremely Complex, Provides No Tangible Business Gains"</b>
<br>
This two-part, non-sponsored report calculates that
a major Linux deployment or switch from Windows is four times more
expensive and takes three times longer than a Windows upgrade.</a></div></td>
</tr>
<tr>
<td><div id="mscnavi" style="width:345px"><a href="http://ad.doubleclick.net/click;h=v2|347D|0|0|%2a|j;11381666;0-0;0;10368124;31-1|1;7381390|7399286|1;;%3fhttp://www.microsoft.com/windowsserversystem/facts/analyses/metamigrate.mspx"><b>Meta Group: Windows Server Offers Compelling Advantages over UNIX
as ERP Hosting Platform.</b></a></div></td>

</tr>
<tr>
<td><div id="mscnavi" style="width:345px"><a href="http://ad.doubleclick.net/click;h=v2|347D|0|0|%2a|z;11381666;1-0;0;10368124;31-1|1;7381391|7399287|1;;%3fhttp://www.microsoft.com/windowsserversystem/facts/analyses/tcoadvan.mspx"><b>IDC: Lower Windows Staffing Costs Provide TCO Advantage over Linux</b></a></div></td>
</tr>
<tr>
<td><div id="mscnavi" style="width:345px"><a href="http://ad.doubleclick.net/click;h=v2|347A|0|0|%2a|i;11381666;1-0;0;10368124;31-1|1;7328818|7346714|1;;%3fhttp://www.microsoft.com/windowsserversystem/facts/analyses/opencost.mspx"><b>Forrester: Detailed Financials Show Total Linux Costs Higher Than Windows Costs by 5 to 20 Percent</b></a></div></td>
</tr>
<tr>
<td><div id="mscnavi" style="width:345px"><a href="http://ad.doubleclick.net/click;h=v2|347A|0|0|%2a|y;11381666;2-0;0;10368124;31-1|1;7328819|7346715|1;;%3fhttp://www.microsoft.com/windowsserversystem/facts/analyses/comparable.mspx"><b>Bearing Point: Despite Perceptions, Licensing and Support Acquisition Costs Comparable for Windows Server, SUSE Linux, and Red Hat Enterprise Linux</b></a></div></td>

</tr>
</table>
</td>
</tr>
<tr>
 
Old 12-01-2004, 04:36 PM   #2
linux_terror
Member
 
Registered: Aug 2004
Location: Northbrook, Illinois
Distribution: CentOS-5
Posts: 311

Rep: Reputation: 30
a simple way to do it without much typing is to just get peerguardian and load the ad-servers list... http://methlabs.org peerguardian will block all of them on the kenel level never to return

linux_terror
 
Old 12-01-2004, 08:08 PM   #3
corso64
LQ Newbie
 
Registered: Apr 2004
Distribution: Red Hat 9.0 + FC2 + SuSE 9.x
Posts: 27

Original Poster
Rep: Reputation: 15
I downloaded PGD-0.3.zip and went to unzip it and got the following:

Archive: PGD-0.3.zip
End-of-central-directory signature not found. Either this file is not
a zipfile, or it constitutes one disk of a multi-part archive. In the
latter case the central directory and zipfile comment will be found on
the last disk(s) of this archive.
unzip: cannot find zipfile directory in one of PGD-0.3.zip or
PGD-0.3.zip.zip, and cannot find PGD-0.3.zip.ZIP, period.

I tried getting this from a few different machines and unzipping it with the same results.
So I grabbed PGLinuxD-0.21, unzipped it, and got the following when I ran it:

[root@localhost installed]# ./peerguardian.sh
Welcome to PeerGuardian Linux Daemon - PGLinuxD - vesion 0.21
A Methlabs Production - http://www.methlabs.org
----------------------------
By Joseph Farthing - JFM, Braindancer
Original PeerGuardian by Method
----------------------------
Current blocklist http://www.methlabs.org/sync/guarding_plus.p2p.zip
Download data logged to ./log.txt
----------------------------
Enjoy the program!
----------------------------
Downloading the blocklist guarding_plus.p2p.zip, please wait.
Archive: guarding_plus.p2p.zip
inflating: guarding.p2p
Converting the blocklist, please wait.
PGD Converter started, version 0.21
Exporting to iptables, this may take over a minute on an old machine.
iptables: No chain/target/match by that name
iptables: Table does not exist (do you need to insmod?)
Rules have been successfully exported, applying DROP policy.
iptables: No chain/target/match by that name
Congratulations, rules should be successfully imported, rule is DROP
----------------------------
iptables: Table does not exist (do you need to insmod?)
----------------------------
iptables: Invalid argument

When I ran iptables -L PEERGUARDIAN I got the following:

root@localhost installed]# iptables -L PEERGUARDIAN
iptables: Table does not exist (do you need to insmod?)

Obviously its hosed. It'd be nice if PGD-0.3.zip wasn't corrupted. Know where I can find an uncorrupted copy?
 
Old 12-01-2004, 08:19 PM   #4
ror
Member
 
Registered: May 2004
Distribution: Ubuntu
Posts: 583

Rep: Reputation: 33
Why do you blame the install or download instead of reading the error messages?

Are you sure you've got iptables setup right?
 
Old 12-01-2004, 08:42 PM   #5
corso64
LQ Newbie
 
Registered: Apr 2004
Distribution: Red Hat 9.0 + FC2 + SuSE 9.x
Posts: 27

Original Poster
Rep: Reputation: 15
The newest .zip of Peerguardian is corrupt so I grabbed the older version and tried it.
I'm pretty sure iptables is set up right. What exactly should I be looking for?
I don't know enough about perl to be able to know exactly what the PGLinuxD-import.pl is doing
with the guarding.p2p file (that has the ip address ranges to block) to update iptables. I just don't know enough
about either perl or iptables yet to do it myself...that's why I was relying on the install scripts to do it for me.
I'm learning as fast as I can. I just wanted an easy way to block stuff, not learn how to code in perl or write low-level packet filters,
anyone got any good references for iptables?

Forever a newb,
corso
 
Old 12-02-2004, 08:08 AM   #6
maxut
Senior Member
 
Registered: May 2003
Location: istanbul
Distribution: debian - redhat - others
Posts: 1,188

Rep: Reputation: 50
visit www.netfilter.org . u will find enough docs about iptables there.
it is possible to block lots of addware, porn, etc. trou proxy. it is better idea to prefer proxy instead of iptables commands. i use squid and squidguard to stay my LAN computers away from ad and porn sites. squidguard works as a child process of squid. so u need both. squidguard has blacklist db file which includes over 100.000 only porn records. it is better to add these domains or ip s to /etc/host file
www.squidguard.org
www.squid-cache.org

good luck.
 
Old 12-03-2004, 04:29 AM   #7
linux_terror
Member
 
Registered: Aug 2004
Location: Northbrook, Illinois
Distribution: CentOS-5
Posts: 311

Rep: Reputation: 30
iptables: Table does not exist (do you need to insmod?)
is normal the first tie u run it....red the install notes

linux_terror
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Site Blocking mathew5 Slackware 7 09-16-2004 12:35 PM
Apache virtual hosts for intranet and external site tawalker Linux - Software 12 06-25-2004 11:01 AM
deny.hosts does not work in blocking anything lexton Linux - Newbie 4 04-06-2004 08:45 AM
How to setup virtual hosts for a web site? George2 Linux - Software 4 10-21-2003 03:46 AM
Off site image blocking! brandog Linux - Networking 8 10-07-2003 11:58 AM


All times are GMT -5. The time now is 11:29 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration