Is there a way to block all outgoing access of a domain?
 

I want to block all access to Google. Is there a way to do this?

Yeah, obtain the Google IP address ranges and block them: https://support.google.com/a/answer/10026322?hl=en

If you do that, half of the internet won't work. Same as blocking Amazon or Cloudflare.

Don't be silly, of COURSE the internet will still work. You simply will not be able to access any google services. That means you might want to change your search default to something other than google, use a non-google mail server, and plan on some faults when you hit web sites that require Google services or authentications.

Google did not invent the internet, the internet was here first and much of it is totally independent of google, amazon, and cloudflare.


And look, it is easy enough to give it a try and if it is terribly inconvenient to live without google just undo the blockage. Document your change
AND a backout plan so you have it to follow even should you forget.

 

A browser plugin like uMatrix can be configured to block all Google domains, and conditionally unblock them for specific websites only as needed.

Google was just an example. I wanted to know how to block any address.

Which includes the 'multiquote' feature of LQ, which uses
google-analytics.


It's apparently not just browser accesses. There seems to be traffic
I don't know about happening even when I have no browser loaded.

You didn't ask that, you asked how to block google.com :) :)

Same thing applies, find all the IP addresses the domain uses and block them. For large providers like Google / AWS / etc. they may publish their ranges (usually for the other way around, to allow companies to whitelist their IPs) but for smaller companies it may be harder.

Then configure your firewall properly, and/or use Pi-hole.


No it doesn't. The multiquote feature has been made to depend on cdnjs.cloudflare.com but does NOT depend on google-analytics.com

In the subject line I asked that.


The Linux HOWTO on firewalls is 20 years old; I've never heard of Pi-hole. Where's a good place to start for the newbie who doesn't want to learn everything?


You're right. I don't understand how to use uMatrix. I blocked Google's access and multiquote stopped working. When I looked
this time I saw that cloudflare was also blocked even though I didn't specify that. As I've experimented with other sites I see that uMatrix has blocked a number of domains without my instruction.

Check the Assets tab of the settings - there are default blacklists for malware/etc there.

(It might also use Filter lists from uBlock Origin.)


There are different words for people who are new and people who don't want to learn, and "Registered: Mar 2010 / Distribution: Slackware" is not the sign of a newbie. :|

I find Digital Ocean guides useful, here's one for setting up UFW: https://www.digitalocean.com/communi...w-on-debian-10
(I'm fairly sure the "on Debian" part only applies to the install step.)

That is just rude. Everyone with common sense knows that the subject line is a rough hint about the topic. The real question is actually asked in the initial post. Put some effort in your question and do not try to twist this like the members who have helped you have a comprehension problem.

Linux is an ocean: no one knows all its currents. I'm an expert in some things, not all, and I have other endeavors. I want to learn, just not everything. I repair my own automobile, am an expert on much of how it works, but not on other matters automotive, such as automatic transmissions and fuel injectors, don't care to learn.

See? You have an answer. Thanks.

No it isn't; it isn't even disagreeable, just a disagreement.

Einstein. To evoke 'common sense' is to give up trying to make a useful argument.

I disagree. The subject line is the most important line in a post. If it's a crummy one, I don't even look.

UMatrix works on a whitelist principle, not blacklist.

It can work both ways.

For scripts the default is that third-party domains needs to be whitelisted.

But even if you whitelist the whole script column, known bad domains remain blacklisted (dark red) and their scripts don't load (unless you override it).

https://www.lifewire.com/what-is-the...-google-818153
https://md5calc.com/google/ip