LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 12-07-2012, 05:21 AM   #16
bala.linuxtech
Member
 
Registered: Nov 2012
Location: Bangalore
Distribution: RHEL and Centos
Posts: 80

Rep: Reputation: Disabled
Thumbs up


Quote:
Originally Posted by adol83 View Post
Keep in mind that a workaround to bypass bad dns entry are tools and programs like ultrasurf that allow you to use another dns.
Hi

Just block that work "Facebook" From your conf file using url_regx -i module

For example

ACL Section

# Acl Block_words url_regex -i "facebook"

Http Section

# http_access Block_words deny

Then restart your squid

Hope it will help you !!

Regards
Bala.Linuxtech
 
2 members found this post helpful.
Click here to see the post LQ members have rated as the most helpful post in this thread.
Old 12-07-2012, 10:04 AM   #17
mandyapenguin
Member
 
Registered: Nov 2011
Location: India
Distribution: RedHat, Cent OS, Fedora, Debian, Ubuntu
Posts: 105

Original Poster
Rep: Reputation: Disabled
Quote:
Just block that work "Facebook" From your conf file using url_regx -i module
Dear bala.linuxtech,
As I have already told, this works only if we go through browser settings in each PC. Since I have configured it as transparent proxy and since each user is having sudo privileges in their PC they can remove browser settings and can access https://www.facebook.com. So found a way to completely block it from coolsg5636 post.
Code:
iptables -I FORWARD -p tcp -d dest_ip --dport des_port -j DROP
or even we can completely block all ports if we are suspecting that https://www.facebook.com is using other ports than 443, using
Code:
iptables -I FORWARD -d dest_ip -j DROP
The above rule worked me great and no one is able to access https://wwww.facebook.com since a year until/unless we allowed particular IP to access it or apart from some bypass softwares/sites. I am glad I could also blocked those too using the same way and also with squid ACLs.

Last edited by mandyapenguin; 12-07-2012 at 11:17 AM.
 
Old 12-07-2012, 10:23 AM   #18
mandyapenguin
Member
 
Registered: Nov 2011
Location: India
Distribution: RedHat, Cent OS, Fedora, Debian, Ubuntu
Posts: 105

Original Poster
Rep: Reputation: Disabled
Once again thank you all.

Last edited by mandyapenguin; 12-07-2012 at 10:25 AM.
 
Old 12-19-2012, 04:41 AM   #19
adol83
Member
 
Registered: Jul 2012
Location: Rome
Distribution: RHEL6, CentOs
Posts: 92

Rep: Reputation: 1
Question

By the way,

What if you use a program like Ultraserf to bypass your proxy?

You could manage to workaround again that limit, or not?
 
Old 12-19-2012, 08:16 AM   #20
mandyapenguin
Member
 
Registered: Nov 2011
Location: India
Distribution: RedHat, Cent OS, Fedora, Debian, Ubuntu
Posts: 105

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by adol83 View Post
By the way,

What if you use a program like Ultraserf to bypass your proxy?

You could manage to workaround again that limit, or not?
As I know, finding out bypassing PC's destination IPs from firewall log and running
Code:
iptables -I FORWARD -d dest_ip -j DROP
is enough.
 
Old 02-12-2013, 04:21 AM   #21
disappear
LQ Newbie
 
Registered: Feb 2011
Location: Bulgaria
Distribution: linux(debian 3.1)nokia n900
Posts: 7

Rep: Reputation: 0
Hi to all,maybe this is off topic but i have to try to ask.I have 2 laptops,and i want to block traffic to facebook,from one to another.Commands which i used:
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -I PREROUTING -m tcp -p tcp -d www.facebook.com --dport 443 -j DROP
arpspoof -i wlan0 192.168.1.1 (gateway of my router)
but i have still access to facebook site,any ideas
regards
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
how to block https using iptables pavangogineni Linux - Networking 12 03-12-2012 10:31 AM
iptables rule to block https sites loveulinux Linux - Newbie 9 11-17-2011 04:33 PM
squid server how to block https:www.website.com aliabbass Linux - Server 4 10-01-2011 01:45 PM
How can I block HTTPS packets with iptables/Squid? sanjee Linux - Security 5 10-29-2008 04:52 PM
how to block https using iptables pavangogineni Linux - Security 2 10-19-2006 12:49 AM


All times are GMT -5. The time now is 03:12 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration