Re: How do i Block Adult Sites through IPTABLE

From: Alexey Fadyushin (fab_at_s-tunnel.com)
Date: 12/29/03

    To: redhat-list@redhat.com
    Date: Mon, 29 Dec 2003 17:43:44 +0300
    
    

    Are you running the browser on the router? You should add blocking rules
    to the OUTPUT chain to block access from the router. Rules in the
    FORWARD chain affect only connections from the computers connected
    through the router.
    Are you able to ping the blocked hosts (from the router and from the
    connected computers)?

    Alexey Fadyushin
    Brainbench MVP for Linux.
    http://www.brainbench.com

    >Sir,
    >
    >I have added these lines but it is still not working. My iptables output is showing rejected sites in FORWARD, but when checked in the browser those sites still open,
    >even when I changed to DROP.
    >Tell me what I should do. Waiting for reply.
    >Thank you very much
    >
    >Alexey Fadyushin <fab@s-tunnel.com> wrote:

           Yes, you can use list from a file. You should use the
           following commands:

           for i in `cat /etc/blocklist.txt` ; do
           iptables -A FORWARD -d $i -j REJECT
           done

           You can put these commands in the file with other firewall
           configuration commands. I think that the most logical place for
           them is rc.firewall.

           Alexey Fadyushin
           Brainbench MVP for Linux.
           http://www.brainbench.com

    >Thank you for your great help
    >
    >Can you tell me one more thing:
    >can I add the path of a list, like
    >for i in < /etc/blocklist.txt>;do
    >iptables -A FORWARD -d $i -j REJECT
    >
    >and tell me where I should add these lines, in rc.firewall or
    >somewhere.
    >Thanks and let me know
    >
    >
    >
    >
    >Alexey Fadyushin wrote:
    >
    > Of course, squid is a more efficient solution. But the question was about
    > iptables. As I understood, squid has not been installed on the router
    > in question.
    >
    > Alexey Fadyushin.
    > Brainbench MVP for Linux.
    > http://www.brainbench.com
    >
    > "Rigler, Steve" wrote:
    >
    > Wouldn't it be more efficient to set up squid and use it to
    > block adult sites?
    >
    > -Steve
    >
    > > -----Original Message-----
    > > From: redhat-list-admin@redhat.com
    > > [mailto:redhat-list-admin@redhat.com]On Behalf Of Alexey Fadyushin
    > > Sent: Wednesday, December 24, 2003 8:04 AM
    > > To: redhat-list@redhat.com
    > > Subject: Re: How do i Block Adult Sites through IPTABLE
    > >
    > >
    > > You should add the following string(s) in the rc.firewall:
    > >
    > > iptables -A FORWARD -d 1.2.3.4 -j REJECT
    > >
    > > where 1.2.3.4 should be replaced with the address of the adult server
    > > to be blocked.
    > > You should repeat this string for all the servers you need to block.
    > > Of course, if you have many servers to block, you can use shell's
    > > operators (such as 'for') around that string to automatically
    > > replace the address for each server. For example:
    > >
    > > for i in ; do
    > > iptables -A FORWARD -d $i -j REJECT
    > > done
    > >
    > > Alexey Fadyushin.
    > > Brainbench MVP for Linux.
    > > http://www.brainbench.com
    > >
    > > >
    > > >Thanks, you are helping me
    > > >I have installed RedHat 8.0 with two eth cards,
    > > >running as a proxy server
    > > >
    > > >I have added rules in the rc.firewall file and the proxy is working
    > > >
    > > ># Masquerade
    > > >
    > > >iptables -t nat -A POSTROUTING -o $EX_ETH -j MASQUERADE
    > > >
    > > >iptables -A OUTPUT -s $LOCAL_NET -o $EX_ETH -j ACCEPT
    > > >
    > > ># Turn on IP forwarding
    > > >
    > > >echo 1 > /proc/sys/net/ipv4/ip_forward
    > > >
    > > >so how can i block all adult sites
    > > >
    > >
    > >
    > >
    > >
    > > Alexey Fadyushin wrote:
    > >
    > > If you need to block the access to those sites locally
    > > (i.e. from the computer on which you run iptables), you can use
    > > the following command:
    > >
    > > iptables -A OUTPUT -d -j REJECT
    > >
    > > Alternatively, you can add the following string to
    > > /etc/sysconfig/iptables (in the 'filter' table):
    > >
    > > -A OUTPUT -d -j REJECT
    > >
    > > If you want to block the access from another machine, for which
    > > your computer is acting as a router, you should change 'OUTPUT'
    > > to 'FORWARD' in the examples above.
    > >
    > > Alexey Fadyushin.
    > > Brainbench MVP for Linux.
    > > http://www.brainbench.com
    > >
    > > Nilesh wrote:
    > > >
    > > > Hello
    > > >
    > > > How do I block Adult XXX sites through iptables?
    > > >
    > > > Can anyone help me?
    > > >
    > > > Thanks
    > > >
    > > >
    > > >
    > >
          
    -- 
    redhat-list mailing list
    unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
    https://www.redhat.com/mailman/listinfo/redhat-list
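
    The blocklist loop and the FORWARD/OUTPUT distinction discussed in this
    thread, as an added example that is not part of the original messages. It
    reads a blocklist file, validates each entry, and prints a REJECT rule
    for both chains in the /etc/sysconfig/iptables line format. Assumptions:
    the function names is_ipv4 and gen_block_rules are hypothetical, the
    sample addresses are constructed, and hostnames are skipped because
    iptables resolves a name only once, when the rule is added.

```shell
#!/bin/sh
# Added example, not from the thread. Prints filter-table rules only;
# nothing is applied to the running firewall.

# is_ipv4 ADDR: succeed for a dotted-quad IPv4 address, optional /0-32 prefix.
is_ipv4() {
    addr=${1%/*}
    case $1 in
        */*) mask=${1#*/}
             case $mask in ''|*[!0-9]*|???*) return 1 ;; esac
             [ "$mask" -le 32 ] || return 1 ;;
    esac
    case $addr in *[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr                    # split into octets (digits and dots only)
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# gen_block_rules FILE: one REJECT rule per valid entry and per chain.
#   FORWARD covers machines routed through this box,
#   OUTPUT covers programs running on the router itself.
gen_block_rules() {
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}                               # drop comments
        line=$(printf '%s' "$line" | tr -d ' \t\r')    # drop blanks and CRs
        [ -n "$line" ] || continue
        if is_ipv4 "$line"; then
            for chain in FORWARD OUTPUT; do
                printf '%s\n' "-A $chain -d $line -j REJECT"
            done
        else
            printf 'skipping invalid entry: %s\n' "$line" >&2
        fi
    done < "$1"
}

# Constructed sample list: documentation addresses plus two bad entries.
sample=$(mktemp)
printf '%s\n' '# blocklist' '192.0.2.10' '198.51.100.0/24  # whole net' \
    'example.invalid' '10.1.2.300' > "$sample"
gen_block_rules "$sample"
rm -f "$sample"
```

    The printed lines can be reviewed and then placed in the 'filter' table
    section of /etc/sysconfig/iptables.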
    
