Re: How do i Block Adult Sites through IPTABLE

From: Alexey Fadyushin (fab_at_s-tunnel.com)
Date: 12/24/03

  • Next message: Jason Dixon: "Re: using chkconfig" 
    To: redhat-list@redhat.com
Date: Wed, 24 Dec 2003 17:40:08 +0300

    Of course, squid is more efficient solution. But the question was about
    iptables. As I understood, squid has not been installed on the router
    in question.

    Alexey Fadyushin.
    Brainbench MVP for Linux.
    http://www.brainbench.com

    "Rigler, Steve" wrote:
    >
    > Wouldn't it be more efficient to set up squid and use it to block adult sites?
    >
    > -Steve
    >
    > > -----Original Message-----
    > > From: redhat-list-admin@redhat.com
    > > [mailto:redhat-list-admin@redhat.com]On Behalf Of Alexey Fadyushin
    > > Sent: Wednesday, December 24, 2003 8:04 AM
    > > To: redhat-list@redhat.com
    > > Subject: Re: How do i Block Adult Sites through IPTABLE
    > >
    > >
    > > You should add the following string(s) in the rc.firewall:
    > >
    > > iptables -A FORWARD -d 1.2.3.4 -j REJECT
    > >
    > > where 1.2.3.4 should be replaced with the address of the adult server
    > > to be blocked.
    > > You should repeat this string for all the servers you need to block.
    > > Of course, if you have many servers to block, you can use shell's
    > > operators (such as 'for') around that string to automatically
    > > replace the address for each server. For example:
    > >
    > > for i in <list_of_servers> ; do
    > > iptables -A FORWARD -d $i -j REJECT
    > > done
    > >
    > > Alexey Fadyushin.
    > > Brainbench MVP for Linux.
    > > http://www.brainbench.com
    > >
    > > >
    > > Thanks you are helping me
    > > >I have installed RedHat 8.0 that is with two eth card and
    > > runing as proxy server
    > > >
    > > >i have added rulesin rc.firewall file and proxy is working
    > > >
    > > ># Masquerade
    > > >
    > > >iptables -t nat -A POSTROUTING -o $EX_ETH -j MASQUERADE
    > > >
    > > >iptables -A OUTPUT -s $LOCAL_NET -o $EX_ETH -j ACCEPT
    > > >
    > > ># Turn on IP forwarding
    > > >
    > > >echo 1 > /proc/sys/net/ipv4/ip_forward
    > > >
    > > >so how can i block all adult sites
    > > >
    > >
    > >
    > >
    > >
    > > Alexey Fadyushin <fab@s-tunnel.com> wrote:
    > >
    > > If you need to block the access to that sites locally
    > > (i.e. from
    > > the
    > > computer on which you run iptables, you can use the following
    > > command:
    > >
    > > iptables -A OUTPUT -d -j REJECT
    > >
    > > alternatively, yuo can add the following string to
    > > /etc/sysconfig/iptables
    > > (in the 'filter' table):
    > >
    > > -A OUTPUT -d -j REJECT
    > >
    > > If you want to block the access from another machine, for which
    > > your
    > > computer
    > > is acting as a router, you should change 'OUTPUT' to
    > > 'FORWARD' in
    > > the
    > > examples
    > > above.
    > >
    > > Alexey Fadyushin.
    > > Brainbench MVP for Linux.
    > > http://www.brainbench.com
    > >
    > > Nilesh wrote:
    > > >
    > > > Hello
    > > >
    > > > How do i block Adult XXX sites through iptables
    > > >
    > > > can any one help me
    > > >
    > > > Thanks
    > > >
    > > >
    > > >
    > > ----------------------------------------------------------------------
    > > > Do you Yahoo!?
    > > > Yahoo! Photos - Get your photo on the big screen in Times
    > > Square
    > >
    > >
    > > --
    > > redhat-list mailing list
    > > unsubscribe
    > > mailto:redhat-list-request@redhat.com?subject=unsubscribe
    > > https://www.redhat.com/mailman/listinfo/redhat-list
    > >
    > >
    > > Do you Yahoo!?
    > > Yahoo! Photos - Get your photo on the big screen in Times Square
    > >
    > >
    > > --
    > > redhat-list mailing list
    > > unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
    > > https://www.redhat.com/mailman/listinfo/redhat-list
    > >
    > >
    >
    > --
    > redhat-list mailing list
    > unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
    > https://www.redhat.com/mailman/listinfo/redhat-list 

    -- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
  • Next message: Jason Dixon: "Re: using chkconfig"

    Relevant Pages

    • Re: Firewall, OpenVPN and Squid question
      ... >> I have around 100 users at our site that would require the use of squid, ... >> house are own webserver, mail server, public DNS servers in the DMZ and ... >> Will this setup put to much strain on the FIREWALL box or will it have ...
      (freebsd-questions)
    • Re: Linux Email solution Qustions
      ... M> Our company has farmed out our servers to Interland, ... why is squid relevant to a question about email? ... M> Can I have a Linux box grab all the email from the different pop ... As Wbarwell went on to suggest, there are various UCE/SPAM filters ...
      (alt.linux)
    • Reverse proxy to multiple origin servers on multiple ports
      ... I'm attempting to build up a Squid reverse proxy server that proxies ... The goal is to allow users in my network to see a set of http servers ... working in reverse proxy to many origin servers on port 80. ...
      (comp.os.linux.networking)
    • Reverse proxy to multiple origin servers on multiple ports
      ... I'm attempting to build up a Squid reverse proxy server that proxies ... The goal is to allow users in my network to see a set of http servers ... working in reverse proxy to many origin servers on port 80. ...
      (comp.os.linux.networking)
    • RE: How do i Block Adult Sites through IPTABLE
      ... squid is more efficient solution. ... squid has not been installed on the router ... -- redhat-list mailing list unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe ...
      (RedHat)