LinuxQuestions.org

Linux - Security: how to block https using iptables (https://www.linuxquestions.org/questions/linux-security-4/how-to-block-https-using-iptables-493387/)

pavangogineni 10-18-2006 01:08 AM

how to block https using iptables

Hi,

I am using RHEL 4 AS, on which our firewall (using iptables) has been configured. Here I want to block a particular website which uses https, say for example https://abc.com.
Is it possible to do this with iptables?
Also I want to know how it can be achieved using squid proxy to filter https traffic.

b0uncer 10-18-2006 02:31 AM

Since doing a DNS lookup isn't a cool thing, you'll need the IP address of abc.com; then you'll need to know which port https uses (I don't remember it, but Google does, and anyway you should know it if you're dealing with iptables), then you just write a rule which looks something like

Code:

/sbin/iptables -A INPUT -p tcp -s <ip-address of abc.com> --dport <https port number> -j DROP

if I remember right. After this, test if it works. If it does, save the config (i.e. if your firewall is set up by a script like rc.firewall, add the above command there).

If I misremembered something, just read

Code:

man iptables

which tells you exactly how to drop (or deny) packets from a certain IP to a certain port.

pavangogineni 10-19-2006 12:49 AM

Quote:

Originally Posted by b0uncer
Since doing a DNS lookup isn't a cool thing, you'll need the IP address of abc.com; then you'll need to know which port https uses (I don't remember it, but Google does, and anyway you should know it if you're dealing with iptables), then you just write a rule which looks something like

Code:

/sbin/iptables -A INPUT -p tcp -s <ip-address of abc.com> --dport <https port number> -j DROP

if I remember right. After this, test if it works. If it does, save the config (i.e. if your firewall is set up by a script like rc.firewall, add the above command there).

If I misremembered something, just read

Code:

man iptables

which tells you exactly how to drop (or deny) packets from a certain IP to a certain port.


I used this and it is working fine:

Code:

iptables -t nat -I PREROUTING -m tcp -p tcp -d <ip address of abc.com> --dport 443 -j DROP
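As an added example (not code posted in this thread), here is a small POSIX shell script that installs the same block in the filter table instead of nat: FORWARD covers hosts routed through the firewall, OUTPUT covers the firewall host itself, the filter table sees every packet rather than only the first packet of a connection, and `-p tcp` is what makes `--dport` valid. The address 192.0.2.10 is a constructed placeholder for abc.com, `DRY_RUN=1` prints the commands instead of running them, and the script itself needs root only when it actually calls iptables.

```shell
#!/bin/sh
# Added example: block HTTPS (TCP/443) to one destination IP with the
# filter table. DRY_RUN=1 prints the iptables commands instead of executing.
set -eu

IPT=${IPT:-/sbin/iptables}
DRY_RUN=${DRY_RUN:-0}

# Small dotted-quad check so a typo never installs a rule for the wrong host.
valid_ipv4() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    for octet in $(echo "$1" | tr '.' ' '); do
        [ "$octet" -le 255 ] || return 1
    done
}

# Execute one iptables command, or print it in dry-run mode.
run() {
    if [ "$DRY_RUN" = 1 ]; then
        echo "$IPT $*"
    else
        "$IPT" "$@"
    fi
}

# Insert a DROP for TCP/443 to $1 at the top of FORWARD (routed clients)
# and OUTPUT (this host). -I places it ahead of any earlier ACCEPT rule.
block_https_to() {
    ip=$1
    valid_ipv4 "$ip" || { echo "bad IPv4 address: $ip" >&2; return 1; }
    for chain in FORWARD OUTPUT; do
        run -I "$chain" -p tcp -d "$ip" --dport 443 -j DROP
    done
}

# Remove exactly the rules block_https_to added.
unblock_https_to() {
    ip=$1
    valid_ipv4 "$ip" || return 1
    for chain in FORWARD OUTPUT; do
        run -D "$chain" -p tcp -d "$ip" --dport 443 -j DROP
    done
}

# Usage: DRY_RUN=1 sh block_https.sh 192.0.2.10   (placeholder IP for abc.com)
if [ "${1:-}" != "" ]; then
    block_https_to "$1"
fi
```

Verify with `iptables -L FORWARD -n --line-numbers` and by attempting the connection from a client; the script is not persisted, so add it to whatever script builds your firewall at boot, as b0uncer notes.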

