there are many reason why i would'nt do it like this. . Iptables would translate the blocksites.com to lets say W.X.Y.Z in that hypothetically you are blocking off all domains which are hosted through that interface. Not only lets say you just want to just block of a URL which would be in most cases http but you still want to use SMTP, FTP what then.
then how many sites would you like to block off this way. Iptables is great temporary solution when somebody is carrying on a DoS because it would block off those attacks on kernel level hopefully. Privoxy and squidGuard are two solution I know where http sites can be blocked off. On Thu, 2003-02-13 at 22:27, vivek wrote: > i think the following should work > > iptables -A FORWARD -o eth0 -p tcp -d blockthissite.com -s > 192.168.6.0/24 -j DROP > > vivek > > > > On Wed, 2003-02-12 at 23:44, Dhruv Soi wrote: > > > >>Hi All, > >>I have configured a simple firewall on my linux box using iptables-1.2.5-3 > >>just to make it a gateway machine blocking various ports. Now the > >>requirement is of URL blocking can anybody help me out regarding that. > >> > >>Regards, > >>-Dhruv > >> > > ================================================ > To unsubscribe, send email to [EMAIL PROTECTED] with unsubscribe in subject >header. Check archives at http://www.mail-archive.com/ilugd%40wpaa.org >
signature.asc
Description: This is a digitally signed message part
