LinuxQuestions.org
Old 07-14-2008, 11:18 AM   #1
Mr.J
Member
 
Registered: Jun 2008
Posts: 82

Rep: Reputation: 15
url blocking via iptables


I just executed the following commands at my command prompt.
iptables -I INPUT 1 -p tcp --dport 80 -m string --string "linuxhq.com" --algo kmp -j DROP
iptables -I INPUT 1 -p tcp --dport 80 -m string --string "vmware-server.com" --algo kmp -j DROP

Then I executed the following command.
root@test-desktop:/home/test# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp dpt:www STRING match "vmware-server.com" ALGO name kmp TO 65535
DROP tcp -- anywhere anywhere tcp dpt:www STRING match "linuxhq.com" ALGO name kmp TO 65535

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
root@test-desktop:/home/test#

When I tried to access linuxhq.com via the browser, I could access the site.
Does anybody have any idea why adding rules to iptables did not work?
 
Old 07-14-2008, 12:04 PM   #2
DragonM15
Member
 
Registered: Sep 2003
Location: USA
Distribution: Slackware (Multiple Versions)
Posts: 455

Rep: Reputation: 31
I see that you really want this question answered. I see you posted here, expert-exchange, and linuxforums. Anyways, on another note, have you considered using DansGuardian? http://dansguardian.org/


DragonM15
 
Old 07-14-2008, 10:35 PM   #3
Mr.J
Member
 
Registered: Jun 2008
Posts: 82

Original Poster
Rep: Reputation: 15
DansGuardian or squid are secondary options if nothing works. I was just wondering why, when iptables provides support for string filtering, it is not working....
 
Old 07-15-2008, 01:04 PM   #4
DragonM15
Member
 
Registered: Sep 2003
Location: USA
Distribution: Slackware (Multiple Versions)
Posts: 455

Rep: Reputation: 31
Well in that case, something as easy as:
Code:
iptables -A INPUT -s linuxhq.com -j DROP
iptables -A OUTPUT -d linuxhq.com -j DROP
And I tested it right now, and it works.

DragonM15
 
Old 07-21-2008, 08:57 PM   #5
Mr.J
Member
 
Registered: Jun 2008
Posts: 82

Original Poster
Rep: Reputation: 15
Did you try executing the following commands on Ubuntu?
iptables -A INPUT -s linuxhq.com -j DROP
iptables -A OUTPUT -d linuxhq.com -j DROP

When I execute the command, I do not get a command prompt, and no error either...
But when I try with the IP instead of the domain name, then it works.
 
Old 07-21-2008, 09:33 PM   #6
DragonM15
Member
 
Registered: Sep 2003
Location: USA
Distribution: Slackware (Multiple Versions)
Posts: 455

Rep: Reputation: 31
That's strange, because I just tried it just like that and it worked perfectly. Weird.

DragonM15
 
Old 07-29-2008, 12:39 AM   #7
Mr.J
Member
 
Registered: Jun 2008
Posts: 82

Original Poster
Rep: Reputation: 15
Did you try executing the commands on Ubuntu 7.1?
 
Old 07-30-2008, 04:24 PM   #8
DragonM15
Member
 
Registered: Sep 2003
Location: USA
Distribution: Slackware (Multiple Versions)
Posts: 455

Rep: Reputation: 31
Quote:
Originally Posted by Mr.J
Did you try executing the commands on Ubuntu 7.1?
Slackware 10.2 and 12.1 ... But iptables is iptables, just because it is ubuntu shouldn't make that much of a difference. Or am I wrong?

DragonM15
 
Old 07-30-2008, 04:33 PM   #9
DragonM15
Member
 
Registered: Sep 2003
Location: USA
Distribution: Slackware (Multiple Versions)
Posts: 455

Rep: Reputation: 31
Ubuntu 7.1 comes stock with iptables-1.3.6 and Slackware 12.1 comes stock with iptables 1.4.0; perhaps that could be it?

run
Code:
bash-3.1$ /usr/sbin/iptables -V
to find out what version you are running

DragonM15
 
Old 07-31-2008, 06:50 AM   #10
Mr.J
Member
 
Registered: Jun 2008
Posts: 82

Original Poster
Rep: Reputation: 15
root@test-desktop:/home/test# /sbin/iptables -V
iptables v1.3.6
root@test-desktop:/home/test# apt-get install iptables
Reading package lists... Done
Building dependency tree
Reading state information... Done
iptables is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 210 not upgraded.
root@test-desktop:/home/test#
 
Old 08-01-2008, 05:20 AM   #11
jbnexus
LQ Newbie
 
Registered: Jul 2008
Posts: 7

Rep: Reputation: 0
I thought iptables is not a content filter. Privoxy can handle URL filtering.
But if you want to filter an IP, you could put it in your startup script.

##########################################
#!/bin/sh
IPTABLES="/usr/sbin/iptables"
blockip01=`resolveip linuxhq.com | cut -d " " -f 6`
$IPTABLES -A OUTPUT -o eth0 -p tcp -m tcp -d $blockip01 -j REJECT --reject-with tcp-reset #browser terminates trying
##########################################

If you get more than one IP address, as the output of "resolveip google.com | cut -d " " -f 6" gives you, then you may write a for loop.

##########################################
#!/bin/sh
IPTABLES="/usr/sbin/iptables"

for blockip01adds in `resolveip google.com | cut -d " " -f 6`; do
    $IPTABLES -A OUTPUT -o eth0 -p tcp -m tcp -d $blockip01adds -j REJECT --reject-with tcp-reset
done
##########################################

This should work.
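
Added example, not part of any post in this thread: a dry-run variant of the resolve-then-block approach from post #11 that validates each resolved address, drops duplicates and prints the iptables commands for review instead of running them. The sample resolver output, the host name blocked.example and the function names are constructed for illustration; the rules hold whatever addresses DNS returned when the script ran, so they need regenerating when the site's addresses change.

```shell
#!/bin/sh
# Added example: builds iptables commands as text; nothing is applied.

# Constructed sample in the "IP address of <host> is <addr>" line format that
# the thread's `cut -d " " -f 6` implies. 192.0.2.0/24 is a documentation range.
SAMPLE_OUTPUT='IP address of blocked.example is 192.0.2.10
IP address of blocked.example is 192.0.2.11
IP address of blocked.example is 192.0.2.10
IP address of blocked.example is not-an-ip'

# is_ipv4 ADDR: succeed only for a dotted quad with four octets in 0..255,
# so stray resolver text never reaches the firewall command line.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                 # split the address on dots
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# extract_ipv4: read resolver lines on stdin, print unique valid addresses.
extract_ipv4() {
    awk '{ print $NF }' | while read -r ip; do
        if is_ipv4 "$ip"; then echo "$ip"; fi
    done | sort -u
}

# build_rules: one REJECT rule per address in OUTPUT, the chain that locally
# generated connections traverse (same rule shape as in post #11).
build_rules() {
    extract_ipv4 | while read -r ip; do
        echo "iptables -A OUTPUT -o eth0 -p tcp -d $ip -j REJECT --reject-with tcp-reset"
    done
}

# Stand-alone run: show the rules that would be added for the sample.
printf '%s\n' "$SAMPLE_OUTPUT" | build_rules
```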
 
  

