LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 11-25-2010, 09:30 PM   #1
willcastle
Member
 
Registered: Sep 2010
Location: Philippines
Distribution: Centos
Posts: 63

Rep: Reputation: 0
How to ban a certain site to a certain IP in dansguardian?


Hi,

I will just ask on how will I ban a certain site to a certain IP address on the network? I am using Dansguardian Web filter.
 
Old 11-26-2010, 03:09 PM   #2
tronayne
Senior Member
 
Registered: Oct 2003
Location: Northeastern Michigan, where Carhartt is a Designer Label
Distribution: Slackware 32- & 64-bit Stable
Posts: 3,541

Rep: Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060
There are a couple of ways to do this; the easiest one is an entry in /etc/hosts.deny:
Code:
ALL: 201.11.209.251
(The above is an actual address I've blocked because someone at that address attempted to break in.)

Another way is to create an entry for IPTABLES and block the entire domain (on the principle that if a domain permits this kind of activity, you don't want any traffic from that domain). Using the above bad actor address,
Code:
prompt: whois 201.11.209.251
(this returns a lot of stuff, but what you're interesting in is)
inetnum:     201.11/16
aut-num:     AS8167
abuse-c:     BTA17
owner:       Brasil Telecom S/A - Filial Distrito Federal
ownerid:     076.535.764/0326-90
responsible: Brasil Telecom S. A. - CNBRT
country:     BR
owner-c:     BTC14
tech-c:      BTC14
inetrev:     201.11.209/24
nserver:     ns03-cta.brasiltelecom.net.br 
nsstat:      20101121 AA
nslastaa:    20101121
nserver:     ns04-bsa.brasiltelecom.net.br 
nsstat:      20101121 AA
nslastaa:    20101121
created:     20040429
changed:     20040429
You create an entry using IPTABLES to forbid any system in that range with
Code:
sudo
prompt: iptables -A INPUT -s 201.11.209.0/24 -j DROP
By far, the easiest is the entry in /etc/hosts.deny (and either is effective).

If you have some number if IP addresses you wish to block, simply create a file containing entries for those address ranges:
Code:
iptables -A INPUT -s 212.156.0.0/16 -j DROP
iptables -A INPUT -s 212.156.0.0/17 -j DROP
Save those in a file, make the file executable (chmod 755 filename) and either execute manually after each system boot or execute it from the local start-up your system supports (in, for example, /etc/rc.d/rc.local or something similar).

Now, forwarding that to a particular server is a little more tricky depending upon how the forwarded server wants a message constructed (say, an e-mail?).

Hope this helps some.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Enabling full routing site to site with openvpn, not using masquerading. Tried quagga pwn Linux - Networking 3 07-30-2010 06:31 AM
site to site vpn racoon with cisco asa 5505 routing issues wastingtime Linux - Networking 1 04-02-2010 12:26 PM
ban the internet icecubeflower General 54 02-07-2010 01:11 PM
Apache site redirects using what rule? foo.site.com -> www.site.com/foo LaughingBoy Linux - Server 2 04-16-2009 09:51 PM
Dansguardian is running but it is not filtering any site! hjehmssgm Linux - Security 15 08-30-2007 10:35 PM


All times are GMT -5. The time now is 12:42 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration