You can only block access to certain ports even using iptables. The HTTP port is 80, so you can block all traffic for www.badsite.com port 80 only. This will keep other services open.
--Dhruv Ahuja
there are many re
The problem with these kinds of solutions is that when there are many IPs
mapping to one domain, this will not work. For example, www.yahoo.com
has different IPs, so it's not the best solution.
Use a squid proxy/transparent proxy if you want to block certain sites.
vineet
On Fri, 2003-02-14 at 07:42,
+---+
| iptables -P INPUT DROP; |
| iptables -P OUTPUT DROP; |
| iptables -P FORWARD DROP; |
| iptables -A INPUT -s IP of the site -j ACCEPT; |
| iptables -A OUTPUT -s IP of
Hello Dhruv Soi
iptables -A FORWARD -p tcp -d www.google.com -j REJECT
...it is worth mentioning that iptables can only operate on IPs. In this case, it will resolve www.google.com and apply the rule.
--Dhruv Ahuja
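The resolve-once behaviour described above, as an added example that is not part of the original thread: the addresses are constructed from documentation ranges (no real lookup is made), the function names are illustrative, and the script only prints rules instead of installing them.

```shell
#!/bin/sh
# iptables stores addresses, not names. A rule written with "-d <hostname>"
# is expanded once, when it is added, into one rule per address the resolver
# returned at that moment. Later DNS changes are never picked up.

# Constructed sample data: what the resolver returned when the rule was added
AT_INSERT="192.0.2.10 192.0.2.11"
# ... and what it returns later, after the site rotated its addresses.
LATER="192.0.2.11 198.51.100.7 198.51.100.8"

# Print the per-address rules a hostname rule is expanded into.
expand_rule() {                      # $1 = space-separated addresses
    for ip in $1; do
        echo "iptables -A FORWARD -p tcp -d $ip -j REJECT"
    done
}

# Print addresses from $2 that are not present in $1.
uncovered() {
    for ip in $2; do
        case " $1 " in
            *" $ip "*) ;;            # an installed rule already matches it
            *) echo "$ip" ;;         # traffic to this address passes through
        esac
    done
}

# Print installed addresses the name no longer resolves to. Whatever else is
# hosted on them is still being rejected.
stale() { uncovered "$2" "$1"; }

echo "rules created at insertion time:"
expand_rule "$AT_INSERT"
echo "current addresses with no rule: $(uncovered "$AT_INSERT" "$LATER" | tr '\n' ' ')"
echo "rules pointing at old addresses: $(stale "$AT_INSERT" "$LATER" | tr '\n' ' ')"
```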
There are many reasons why I wouldn't do it like this.
Iptables would translate the blocksites.com to, let's say, W.X.Y.Z; in that,
hypothetically, you are blocking off all domains which are hosted through
that interface. Not only, let's say you just want to just block off a URL
which would be in most cas
I think the following should work:
iptables -A FORWARD -o eth0 -p tcp -d blockthissite.com -s 192.168.6.0/24 -j DROP
vivek
> On Wed, 2003-02-12 at 23:44, Dhruv Soi wrote:
>
>>Hi All,
>>I have configured a simple firewall on my linux box using iptables-1.2.5-3
>>just to make it a gateway machine
Sometimes when a problem seems too tough, try looking at it from a
different perspective. Specific URL blocking shouldn't be the task of
iptables in most cases.
On Wed, 2003-02-12 at 23:44, Dhruv Soi wrote:
>
> Hi All,
> I have configured a simple firewall on my linux box using iptables-1.2.5-3
>