Block Facebook with iptables
Assuming your LAN IP range is 10.1.1.0/24 (adjust the LAN range in the script to match your network):
### Block connections to Facebook #########################################################################
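# Block access to Facebook (origin AS32934) from this host and from the LAN
# behind it. Must run as root. Every run adds rules again, so flush the old
# rules (or load this from a clean ruleset) before re-running, otherwise
# duplicates pile up. iptables only filters IPv4; IPv6 needs ip6tables.
IPT="/sbin/iptables"
LAN_NET="10.1.1.0/24"      # LAN range whose forwarded traffic is dropped
PREFIX_FILE="facebookips"  # validated prefix list, one IPv4 CIDR per line
MIN_PREFIX_LEN=8           # sanity floor: refuse anything broader than a /8

# Payload match: drops any locally generated TCP packet that contains the
# literal string, which also hits unrelated traffic that merely mentions it.
"$IPT" -A OUTPUT -p tcp -m string --string "facebook.com" --algo kmp -j DROP
# The hostname is resolved once, when the rule is added; addresses that the
# name resolves to later are not covered by this rule.
"$IPT" -A FORWARD -d facebook.com -j DROP

echo "Obtaining Facebook IP ranges from whois..."
# The whois reply travels unauthenticated and in plaintext, and it ends up in
# firewall rules, so treat it as untrusted: keep only tokens that are
# well-formed IPv4 CIDRs. This replaces the positional "skip the first five
# lines" trimming, which let junk through (or dropped real prefixes) whenever
# the reply layout changed.
octet='(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])'
ipv4_cidr="^${octet}(\\.${octet}){3}/([0-9]|[12][0-9]|3[0-2])\$"
RESULT=$(
  /usr/bin/whois -h whois.radb.net '!gAS32934' \
    | tr ' ' '\n' \
    | grep -E -- "$ipv4_cidr" \
    | awk -F/ -v min="$MIN_PREFIX_LEN" '$2 + 0 >= min + 0' \
    | LC_ALL=C sort -u
)

y=0
if [ -z "$RESULT" ]; then
  # Lookup failed or returned nothing usable; leave any earlier list alone.
  echo "No valid Facebook IP ranges obtained from whois; no range rules added." >&2
else
  # Written in one step from already-validated data, so no scratch file with
  # a predictable name is needed in the working directory.
  printf '%s\n' "$RESULT" > "$PREFIX_FILE"
  while IFS= read -r line; do
    [ -n "$line" ] || continue
    if "$IPT" -I FORWARD -s "$LAN_NET" -d "$line" -j DROP; then
      y=$(( y + 1 ))
    else
      echo "Failed to add FORWARD rule for $line" >&2
    fi
    # NOTE(review): INPUT only sees packets addressed to this host, so a
    # destination match on a remote range is not expected to fire here.
    # OUTPUT was probably intended -- confirm before relying on this rule.
    "$IPT" -A INPUT -p tcp -d "$line" --dport 443 -j REJECT
  done < "$PREFIX_FILE"
fi
echo "$y Facebook IP ranges blocked."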
###########################################################################################################