LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 10-18-2006, 02:08 AM   #1
pavangogineni
LQ Newbie
 
Registered: Aug 2006
Posts: 17

Rep: Reputation: 0
Wink how to block https using iptables


Hi,

I am using RHEL 4 AS version on which our firewall ( using iptables ) has been configured. Here I want to block particular website which uses https, say for example https://abc.com.
Is it possible to do with iptables.
Also I want to know how it can be achieved using squid proxy to filter https traffic.
 
Old 10-18-2006, 03:31 AM   #2
b0uncer
Guru
 
Registered: Aug 2003
Distribution: CentOS, OS X
Posts: 5,131

Rep: Reputation: Disabled
Since doing a DNS lookup isn't a cool thing, you'll need the ip address of abc.com; then you'll need to know which port https uses (I don't remember it, but Google does, and anyway you should know it if you're dealing with iptables), then you just write a rule which looks something like

Code:
/sbin/iptables -A INPUT -s <ip-address of abc.com> --dport <https port number> -j DROP
if I remember right. After this, test if it works. If it does, save the config (i.e. if your firewall is set up by a script like rc.firewall, add the above command there).

If I misremembered something, just read
Code:
man iptables
which tells you exactly how to drop (or deny) packets from a certain ip to a certain port.
 
Old 10-19-2006, 01:49 AM   #3
pavangogineni
LQ Newbie
 
Registered: Aug 2006
Posts: 17

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by b0uncer
Since doing a DNS lookup isn't a cool thing, you'll need the ip address of abc.com; then you'll need to know which port https uses (I don't remember it, but Google does, and anyway you should know it if you're dealing with iptables), then you just write a rule which looks something like

Code:
/sbin/iptables -A INPUT -s <ip-address of abc.com> --dport <https port number> -j DROP
if I remember right. After this, test if it works. If it does, save the config (i.e. if your firewall is set up by a script like rc.firewall, add the above command there).

If I misremembered something, just read
Code:
man iptables
which tells you exactly how to drop (or deny) packets from a certain ip to a certain port.

I used this and it is working fine
iptables -t nat -I PREROUTING -m tcp -p tcp -d <ip address of abc.com> --dport 443 -j DROP
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
how to block https using iptables pavangogineni Linux - Networking 12 03-12-2012 11:31 AM
iptables masquarading problem with https grayFalcon Linux - Networking 1 12-09-2005 09:38 AM
IPTables and PPTPD :S (to block or not to block) thewonka Linux - Networking 0 03-24-2005 07:58 PM
Iptables not allowing outbound https john8675309 Linux - Software 3 09-13-2004 11:41 PM
Iptables and https sturla69 Linux - Security 6 09-16-2003 11:13 PM


All times are GMT -5. The time now is 05:02 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration