HOW TO block a website with iptables ??
Hi
i wanna ask about iptables, how if i want to block some domain name with iptables ... exp = micr*s0ft.com

i have tried several ways .. but still unsuccessfully .. o_O PLEASE HELP ME !!!! ... someone use a website attacking my network ... i have tried put this on my rule ...

#iptables -A FORWARD -s micr*s0ft.com -j REJECT
#iptables -I INPUT -s micr*s0ft.com -j DROP
#iptables -A FORWARD -i eth0 ( EXT ) -p ALL -s micr*s0ft.com -d 0/0 -j REJECT
#iptables -A FORWARD -p ALL -s micr*s0ft.com -j REJECT
#iptables -A INPUT -s micr*s0ft.com -j REJECT

Any suggestion will be very appreciated
#ps* .. so sorry for my language
Thank you
|
Look at the "blocking spam" entry on this webpage:
http://www.hojohnlee.com/hacks/category/linux/
http://en.allexperts.com/q/Unix-Linu...e-iptables.htm
http://linuxpakistan.net/forum/viewt...bsite+iptables
http://www.cyberciti.biz/tips/linux-...p-address.html
http://www.derkeiler.com/Newsgroups/...5-02/0042.html
http://www.unixreview.com/documents/...103c/0103c.htm
|
Thanks for replying guyz ^_^
Btw .. i'll check out the link .. ..
** sorry for my language o_O
Cheers
|
u'll have to use ips and if u'd like to block all DOMAIN names u can use these, just replace where needed.

iptables -A OUTPUT -p all --destination 127.0.0.1 -j DROP

find out the ip of a domain name and then find out its whole ip range(s). I don't know if this rule will work exactly for u, but it works for me in custom-rules using arno-iptables-firewall for blocking access to whole ip ranges which \begin edit\ equals domain names /edit end/, and also does NOT gripe about it. :) yes just change 127.0.0.1 to whatever ip and add a slash and then the netmask range and restart the firewall.

Example to block the WHOLE 224.0.0.0 range - IGMP/BROADCAST range, the following rule should suffice..

iptables -A OUTPUT -p all --destination 224.0.0.0/3 -j DROP
|
nowshining, let's wait for an explanation about what the OP is trying to achieve before making these types of suggestions. Also, as has been said, iptables is simply not the right tool for filtering WWW access to specific domains. Ideally you'd want to use a proxy server. Having said that, the OP mentioned that his network was under attack, which makes it sound like this might not even be a WWW access issue at all. We need clarification in order to understand what is going on here - we can't just assume things. He hasn't logged on ever since posting his last message, give him some time.
|
edit: --> adding: they could also change OUTPUT to INPUT for incoming connections... |
If you want to block domain names, it would make sense to do it when they are looked up.
dd-wrt is a Linux-based router (firmware). Using its DNSMasq feature, you can easily block domains (subdomains) for all the computers on your network. The detailed instructions are found at: http://www.gwgamedev.com/about/opinion/blockingDomain/
|
Block Website via Iptables
my system is working as a router (RHEL5). i want to block some website using iptables
|
Are you being forced to use iptables for this? |
If you want to block outgoing traffic from your PC to xxx.com, you need to do this:
Code:
iptables -A OUTPUT -p tcp -m string --string "xxx.com" --algo kmp -j DROP
Code:
-m string --string "xxx.com" --algo kmp
|
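Added example, not part of the thread: a simplified Python model of the per-packet substring test that the `-m string --string "xxx.com" --algo kmp` rule in the last post performs, run over constructed sample packets to show what such a rule would and would not drop. The function names and sample payloads are assumptions made for illustration, and the model ignores the IP/TCP headers the real match also scans.

```python
# Added example (not from the thread): simplified model of the string match.
# The rule tests each packet on its own for a literal byte sequence.
# All payloads below are constructed samples.

def string_match(packet: bytes, pattern: bytes, icase: bool = False) -> bool:
    """Substring search in one packet; case-sensitive unless icase (--icase)."""
    if icase:
        packet, pattern = packet.lower(), pattern.lower()
    return pattern in packet

def dns_qname(name: str) -> bytes:
    """Encode a hostname as DNS wire-format labels (length byte + label)."""
    out = b""
    for label in name.split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

PATTERN = b"xxx.com"
DNS_HEADER = b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00"  # 1 question

SAMPLES = {
    # Plain HTTP request to the blocked site: the Host header carries the name.
    "http_host": b"GET / HTTP/1.1\r\nHost: xxx.com\r\n\r\n",
    # Same request with an upper-case Host header.
    "http_host_upper": b"GET / HTTP/1.1\r\nHost: XXX.COM\r\n\r\n",
    # Request to a different site that merely mentions the name (false positive).
    "unrelated_site": b"GET /search?q=xxx.com HTTP/1.1\r\nHost: example.org\r\n\r\n",
    # DNS query for the name: labels are length-prefixed, there is no "." byte.
    "dns_query": DNS_HEADER + dns_qname("xxx.com") + b"\x00\x01\x00\x01",
    # One request split across two TCP segments: each packet is tested alone.
    "split_segment_1": b"GET / HTTP/1.1\r\nHost: xx",
    "split_segment_2": b"x.com\r\n\r\n",
}

def evaluate(icase: bool = False) -> dict:
    """Return {sample name: True if the rule would match (DROP)}."""
    return {name: string_match(data, PATTERN, icase) for name, data in SAMPLES.items()}

if __name__ == "__main__":
    for name, hit in evaluate().items():
        print(f"{name:16} {'DROP' if hit else 'pass'}")
```

The results show why earlier replies point to a proxy or DNS-level blocking: a payload string match both over-blocks (any packet that mentions the name) and under-blocks (case variants without `--icase`, names split across segments, DNS lookups).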