How do I blocks sites just like ZoneAlarm?
 

I'm trying to block some sites so that I don't have to look at annoying ads and such. On my Windows machine I had ZoneAlarm Pro and could add sites to the restricted zone.

Now I've added a RH9 system to my collection and I'm using iptables to do the same using the command:

This does work but the browser (Mozilla 1.5) takes a long time (~4s) and seems to time out or retry instead accepting the REJECT and moving on. On Windows Mozilla immediately stops trying. So I'm wondering how ZoneAlarm rejects the outbound request. I've tried that various reject-with options but they all have the same effect. Using DROP causes a very long time out (~30s) as I would expect.

Thanks.

you could use guarddog , its a very good firewall and it let u avoid the hastle of dealing with cryptic shell scripts and ipchains/iptables parameters.

http://www.simonzone.com/software/guarddog/

Mozilla 1.5 can be configured so as not to download images (and pop-up windows) from sites you specify.
Maybe that is what you want.

I myself use the squid proxy server, which, in addition to letting me specify an acl to deny source domains (and much more), also lets me analize my traffic (it prepares a log file with all information on files downloaded during browsing), so I can determine what deserves denying, and, finally, it maintains a very efficient local cache of downloaded files, so it gives me a high speed increase during browsing.

Thanks. Maybe I'll try it and see what rules it generates.

The problem isn't really images since I can turn off animation. The problem is flash programs which sing and dance and work so hard to distract you.:mad: I took out the flash plugin just for that reason but now many sites need flash for site navigation.

You'll like Privoxy then. Successor to Junkbuster it's a filtering (but non-caching) proxy. Can block, explicitly or using regexes, TLD's, domains, subdomains, directories. Can filter, applied general or per site, for any Javascript, CSS, popups, pop-unders, Flash, movies and whatnot. On top of that it gives you rewrite rules.
Stupid example: s/microsoft(?!.com)/MicroSuck/ig.


BTW, I'll be moving this thread to the Linux - General forum: it isn't a security issue.

Thanks, I'll look at Privoxy. I guess it's not security -- I just like to keep the riffraff out.

there are a couple of extensions for Mozilla/Mozilla-Firebird that can block flash and other annoying stuff. I use 'Flash click to view'. Go to
http://extensionroom.mozdev.org/
to find the extensions. Loads of cool stuff.

Either add the sites to /etc/hosts.deny add an entry in your /etc/hosts file liek this:

127.0.0.1 website.you.want.to.block

I dont know if this will work to solve you problem....but you could try to use

REJECT -reject--with tcp-reset

this could send the reset packet to your browser and avoid the delayed response.