Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 02-08-2013, 12:17 PM   #1
Registered: Oct 2012
Location: Holden, ME, USA
Distribution: SlackWare64 14.00
Posts: 185

Rep: Reputation: 0
iptables string matching block

I hope the title isn't to unclear but let me go a little further. I need to content filter the web on this linux machine (just this one not a whole network) I don't need anything too reliable mostly just trying to block common keywords related to porn and drugs and stuff. I want to use iptables and I'm with that all the way mostly because I'm not using 3rd party programs (really meaning programs that didn't come with the OS when i say that) i need to match by keyword please. Also is there a way to direct them to a webpage at the localhost page? cause if so I'd like to know how to do that too please. I've done plenty of research on this but I'm a little concerned of what happens if i do it wrong how reversable is it and it might be tough if I use just anyones example
Old 02-08-2013, 09:59 PM   #2
Registered: Aug 2012
Distribution: Debian, CentOS
Posts: 74

Rep: Reputation: Disabled
iptables was not built for content filtering, hence it would not be the best tool here. HTTPS traffic would be completely invisible for iptables.

You could use string matching of iptables for the keywords you want to block but instead of dropping or rejecting the packets, just redirect them to your localhost. You could set up a static error page on your localhost on say port 8080 and redirect to localhost:8080

A transparent squid proxy would fit your requirements better.
Old 02-11-2013, 10:47 AM   #3
Registered: Oct 2012
Location: Holden, ME, USA
Distribution: SlackWare64 14.00
Posts: 185

Original Poster
Rep: Reputation: 0
I know that squid be better but again like I said I'm set on iptables and thats because I know what you told me about HTTPS I understand that and I'm not concerned about that at all one bit I'm not asking for some intense content filtering. I just need to get the majority of traffic used on a normal basis covered is all everything else will be kept track off in other ways that I'm not too concerned about. Now could I get an example though of what I'm asking everything on the internet is evertyhing BUT string matching iptables for the keywords. SO please lets try and stick away from squid and stuff because I also can't even figure out how to set that up properly so also unless you have somewhere I can get a complete guide for what I NEED then please try to refrane from it


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] sed string matching less greedy drj000 Programming 11 04-16-2010 02:50 AM
Delete line in file matching string Black Sun Programming 7 01-28-2010 03:18 AM
string matching in bash 2.0.5 texaganian Linux - Newbie 4 11-30-2009 09:34 AM
bash string matching Crafttype Linux - Newbie 2 05-26-2009 06:27 PM
IPTables String Matching on FC5 jwhitehead Linux - Security 2 07-02-2006 12:42 AM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 06:24 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration