Networking :: Block The Urls With Iptables?

Feb 22, 2010

I have a server with slackware 12 and i try to block 2 web sites but without success. I write in iptables rules /etc/iptables.conf

iptables -A INPUT -s web.org -j DROP
iptables -A OUTPUT -d web.org -j DROP

but no effect. What rule i must write to block url`s?

View 4 Replies


ADVERTISEMENT

Networking :: Block IM With Iptables Or Squid?

Dec 24, 2008

in my office i have to block all messenger like yahoo messenger, windows live messenger, i have to block websites like www.yahoo.com, some more web sites. i need guidance through which i can accomplish this task through ip tables or through squid server. i can use squid but i had heard that squid blocks pop and smtp also. squid creates some problem in receiving and sending email. i am using red hat linux 4 box and installed squid having two ethernet card 1 is connected to adsl line and 2 is connected to switch. all clients will have proxy address of this linux box. guys need ur help ASAP.

View 2 Replies View Related

Networking :: Block Web Access With Iptables ?

Apr 25, 2010

Just wondering if it is possible to block web access on a certain ip address with iptables.

Iv seen guides for blocking web traffic on a whole network but i want to just block a single host from accessing the web.

View 14 Replies View Related

Ubuntu Servers :: Using Iptables To Get Web Usage Statistics And Filter Urls?

Dec 16, 2010

I'm deploying new ubuntu server which should act as a router. I've already set up the NAT for local network, and also did some shaping for different groups of users, but now I'm facing new problem.I need to make a scheduled URL filter. I know it's not a problem with cron and simple script, but maybe there is existing way to do that? And also, I need to make statistics on web-traffic. I need to have list of URLs visited by users (source ip, destination url). Is it possible with iptables? or with any other software but without using proxy servers.

View 9 Replies View Related

Networking :: Using Iptables To Block IP Addresses Automatically?

Dec 7, 2009

I want to use iptables to automatically block all IP addresses who send UDP packets with length 11 more than 3 times per 10 seconds.

View 1 Replies View Related

CentOS 5 Networking :: Iptables DOS Temporarily Block IP?

May 5, 2011

I have the requirement that if our website receives 20 or more requests within 60 seconds, to block the offending IP address for 5 minutes, then allow them access again. My only certain mechanism to do this is iptables. I wrote the following series of commands:

iptables -N RATE_CHECK
iptables -N DOSAttack
iptables -N RemoveBlock

[code]...

I am limited in my testing, but the little I have been able to test seems to be having no effect. will the above commands have the desired effect.

View 4 Replies View Related

Fedora Networking :: Block App Using Iptables / Rope Scriptable Method?

Oct 27, 2010

I Need to know how to block this applications using iptables or ROPE scriptable Method..?..

1.Web navigation
2.Electronic mail
3.FTP transfers
4.Video traffic (multicast video stream and unicast video stream)
5.VoIP service
6.Instant Message (MSN and yahoo messenger�etc)
7.Management service (TR-069 and SNMP)

View 6 Replies View Related

Ubuntu Networking :: Iptables: Block Incoming And Allow Outgoing Traffic

Jan 6, 2011

I need to configure iptables to block incoming traffic (except specific ports), but allows all outgoing traffic.

I am able to block incoming traffic, but doing so also prevents outgoing traffic (tested by telnet [URL] 80)

The following was used:

iptables -A INPUT -p tcp --dport ssh -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -I INPUT 1 -i lo -j ACCEPT
iptables -A INPUT -j DROP

Also, even allowing NOT SYN requests still prevents outgoing traffic.

iptables -I INPUT 1 -p tcp ! --syn -j ACCEPT

Another point:

# modinfo ipt_state
modinfo: could not open /lib/modules/2.6.18-028stab070.14/modules.dep

How to install ipt_state module on ubuntu?

View 2 Replies View Related

Networking :: Block This Applications Using Iptables - ROPE Scriptable Method?

Oct 27, 2010

I Need to know how to block this applications using iptables or ROPE scriptable Method..?..

1.Web navigation
2.Electronic mail
3.FTP transfers
4.Video traffic (multicast video stream and unicast video stream)
5.VoIP service
6.Instant Message (MSN and yahoo messenger�etc)
7.Management service (TR-069 and SNMP)

View 1 Replies View Related

Security :: Iptables To Block Ip From Ftp?

Mar 6, 2010

Is this how I would do that?

iptables -A INPUT -p tcp --destination-port 21 -d ! 168.192.1.2 -j DROP

This should block all incoming connections on port 21 from 192.168.1.2, correct? Thus preventing that IP from logging into my FTP.

View 1 Replies View Related

Fedora Security :: Iptables - Block Everything From Getting In My Pc

Mar 17, 2009

What i wanted to do was block everything from getting in my pc but still be able to surf the web and still use instant messenger.

View 2 Replies View Related

Ubuntu :: How To Block All Outgoing With IPTables

May 10, 2010

I want to block all outgoing traffic with iptables and only allow a few specific websites. I would like to get the code to do so and also to revert the changes in case I want to unblock them.

View 1 Replies View Related

General :: Block And Allow IP Using Iptables In RedHat 4.0?

Aug 3, 2009

I have blocked below IP by using iptables command in RedHat Linux 4.0.

Code:

iptables -A INPUT -s 192.168.0.85 -j DROP

It's now totally blocked and can't get access into web or internal network. how I can un-block that IP, so that it can again starts it's normal operation.

View 2 Replies View Related

General :: Block Some Ipaddres In Iptables (Ubuntu)?

Aug 3, 2010

Currently I have 2 Lan card in My System one for communicate client pcs (Lan card Ip 192.168.1.100) and other for Internet (Lan card ip 192.168.0.100.) All client pcs are in 192.168.1.0 Subnet Here i implement my system as router through iptables all clients are communicate through only 192.168.1.100 (clients default gateway also 192.168.1.100) Now no problem for forward rules when my system is active all clients are get internet.

Output of iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

[code]....

Now i want to block some ip address and port ways i tried lot of things in internet when i type iptables -A INPUT -s 192.168.1.150 -j REJECT (i found in internet it will block that ip address for getting internet and any access through my sys)

Now th Output

Chain INPUT (policy ACCEPT)
target prot opt source destination
REJECT all -- 192.168.1.112 anywhere reject-with icmp-port-unreachable

[code]....

it will block icmp protocol only I want to know how block ipaddress and port address ways...

View 1 Replies View Related

General :: Block UDP Protocols In Iptables - Ubuntu ?

Aug 5, 2010

Currently I have 2 Lan card in My System one for communicate client pcs (Lan card Ip 192.168.1.100) and other for Internet (Lan card ip 192.168.0.100.) All client pcs are in 192.168.1.0 Subnet

Here i implement my system as router through iptables all clients are communicate through only 192.168.1.100 (clients default gateway also 192.168.1.100) Now no problem for forward rules when my system is active all clients are get internet.

Now i have problem with blocking UDP protocols i tried lot of things in net iptables -A INPUT -s 192.168.1.0/255.255.255.0 -p UDP -j DROP

But it's not blocking UDP protocols (i change UDP to ICMP Protocols then icmp is blocked every ip address)

View 9 Replies View Related

Security :: Iptables - Block Bad And Not Related Packets

Jun 8, 2011

My VPS host a mail, blog and web site. So i want to block port i not use. The port that i use is 80,21,2022,443. The other port will be drop. I want to block bad packet and all packet that not related. Can anyone how to write in iptables?

View 2 Replies View Related

Server :: How To Block HotSpotShield In Squid / Iptables

Nov 9, 2010

Does anybody know how to block HotSpotShield in squid or iptables?

View 2 Replies View Related

Ubuntu :: Wget Failed Urls Output / Log The Urls That Have Failed?

Jan 22, 2010

I'm using wget to retrieve a long list of URLs, a small proportion of which fail, hence:

Code:
wget --input-file=urls.txt
Is there a way to log the urls that have failed? Unfortunatley wget does not output the current URL being processed (and then the status), so hard to see grepping the output helping.

Or should I use some alternative like curl, wmget?

View 1 Replies View Related

Debian Configuration :: IPTables Output Block Not Local

Sep 19, 2015

I try to create some rules to detect an outgoing traffic from my debian jessie that is not from my IP or loop.

#!/bin/bash
/sbin/iptables -N C_OUT_N_LOCAL
/sbin/iptables -N C_OUT_N_LOCAL_LO
/sbin/iptables -A C_OUT_N_LOCAL -m limit --limit 2/min -j LOG --log-prefix "PK: output not local : " --log-level 4

LO_IP="127.0.0.1"
MY_IP="192.168.0.4"

/sbin/iptables -I OUTPUT -p ALL ! -s $LO_IP -j C_OUT_N_LOCAL_LO
/sbin/iptables -A C_OUT_N_LOCAL_LO -p ALL ! -s $MY_IP -j C_OUT_N_LOCAL

View 0 Replies View Related

OpenSUSE Network :: Block All Ports But Port 80 With Iptables (DMZ)?

Jun 25, 2010

I have a Suse 10.3 router with 4 network cards. 1 is to connect to the big network and thereby also the internet, 2 are for 'client' subnets and I want to use the last one as a DMZ. In this DMZ will be a web server which has to be accessible from the other 2 subnets and from the big network. I could do it with a few simple clicks in Yast firewall, but I have some issues with this firewall and there for I want to use it as minimal as possible, using Iptables.

So now I'm struggling a bit with Iptables. Basicly what I'm looking for is how to block all ports but 80 in this last subnet with iptables.

View 5 Replies View Related

General :: Block All Ports Except SSH / HTTP In Ipchains And Iptables?

Jun 15, 2010

How can I block all ports except

ssh (port 22)
httpd (port 80)

using iptables and iphains?

View 1 Replies View Related

Ubuntu Security :: Block All Ports Except Pop And Smtp In NAT Through Iptables?

Jan 20, 2010

how to block all ports except pop,pop3,smtp in nat using iptables in squid on redhat A3

View 2 Replies View Related

Ubuntu Security :: Iptables, Block Port Except For Eth0

May 24, 2011

I would like to allow incoming and outgoing connections when I'm connected to a wired connection, but drop it otherwise. I noticed that ufw can't block outgoing traffic because of will I give iptables a try. I'm unsure if dropping packages that are outgoing will work, the rule after the block rule will allow all outgoing connections.

This what the rules are intended to do, unsure if that is actually the case. Allow all loopback traffic. Allow ping replys Allow incoming on port 12345 if eth0, deny otherwise. Allow outgoing on port 12346 if eth0, deny otherwise.

Code:
iptables -A FORWARD -j DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 0 -s -m state --state ESTABLISHED,RELATED -j ACCEPT

[Code]....

View 3 Replies View Related

Security :: Block IP After Failed Login Attempt Using Iptables?

Aug 11, 2009

I keep getting hundreds of SSH failed logins per day. Is there a way with iptables, i can say if a user connects too to port 22 over 8 times in 10 minuntes, then block them for an hour?

View 7 Replies View Related

Server :: Use Iptables To Block Multiple Requests From The Same Ip Within A Certain Time Frame?

Oct 17, 2010

I run a small home server (Debian 4), which acts as my gateway to the internet (ie, firewall) and runs a web server, dhcp, dns, and acts as a file server to the rest of the machines on my home network. Now I know it's never a smart idea to have all those services running on the same machine that is acting as a firewall, but I don't fancy running multiple servers just for home use, as it's mainly allowing me to learn system administration.

I noticed a few days ago that my internet had become unbearably slow, to the point where I could sometimes not load web pages. I spent a while searching through log files on my gateway, to try and find out what was eating up all of my bandwidth. When I came to apache's access.log file, I was confronted with this:

Code:

204.45.41.82 - - [17/Oct/2010:06:25:10 +0100] "GET http://vewice6.nightmail.ru/marriott-grand-cayma.html HTTP/1.1" 200 36921 "-" "Mozilla/4.0 (compatible; M$
204.45.41.82 - - [17/Oct/2010:06:25:11 +0100] "GET http://malaysiapodcaster.blogspot.com/2006/05/blog-post_11.html HTTP/1.1" 200 58681 "-" "Mozilla/4.0 (com$

[code]........

Multiple requests to my server, for totally random websites. I didn't even know it was possible to make those types of queries to a webserver. The only thing that is on the web server is a browser based torrent client. I have only shown a small snippet of the log file, but there are around 90k lines to different web addresses, from many different IPs. What I want to know, is what is happening? :S Why is someone querying MY web server, for web sites totally unrelated to it? And most of all, how can I stop it. My initial was to try and use iptables to block multiple requests from the same ip within a certain time frame, which I think would work as the server shouldn't really get many queries from external networks.

View 9 Replies View Related

Fedora Networking :: Can Resolve Some URLs But Not Others?

Dec 29, 2009

Over the weekend I upgraded my home PC from Fedora 9 to Fedora 12, and now I'm having problems connecting to the Internet. Basically, I am able to connect to some URLs but not others, and it happens in both Firefox and Konquerer. I am able to connect to url, url, url and url with no problems. However, when I try to connect to slashdot.org, url, fedoraforum.org and rpmfusion.org I can not. All the other Windows PCs in my home using the same 2Wire home portal are able to get to the sites using IE with no problem.

I first suspected a DNS issue, but the "host" command returns a valid IP address for all the URLs that I can not reach. Another symptom is that the following command

Code:
su -c 'rpm -Uvh url. url
(from rpmfusion.org/Configuration/) also doesn't work when entered at the command prompt. However, when I did "host download1.rpmfusion.org" and edited the command to use the IP address returned instead of "download1.rpmfusion.org" it worked. But then, the next time I ran "yum" it failed because it couldn't find the rpmfusion.org URL in the installed repository entries.

After reading some other threads, I tried disabling avahi-daemon, but that had no effect. I also tried examining /var/lib/dhcpd and /var/lib/dhclient, but neither file existed on my system.

View 3 Replies View Related

SUSE / Novell :: Write IPTABLES Script To Block The ICMP Ping?

Mar 13, 2010

I was trying to write IPTABLES script to block the ICMP ping using the below mentioned command in OpenSUSE 11.2 Doing this in VMware.....

iptables -A OUTPUT -o eth0 -p icmp -j DROP

& then I tried to ping the different computer & it didnt allow me to ping.
Then I deleted using the command -

iptables -D OUTPUT -o eth0 -p icmp -j DROP

then I couldnt ping also. Another thing I found is my firefox is not connecting to the internet as well, but before writing the script, I can connect to internet.

I did a "dhclient" & iptables -F....

View 6 Replies View Related

Ubuntu :: Using SED To Grab URLs?

May 30, 2010

Is there a way with SED to read this link:

[URL]

and then pull the individual links and list them in order each on a separate line? like...

[URL]

If SED can't do this is there another command or program that will?

View 1 Replies View Related

Programming :: Extracting URLs From Strings?

Jun 28, 2009

I have a PHP script written that is checking a string to see if it contains a link in it (i.e. a URL). I have the following if statement, that uses 3 possible regular expressions to determine if there is a link or not.

Code:
// check if we found a link
// links are denoted by strings that:
// - contain http://
// - contain www.*.*

[Code]....

I'm not convinced yet that writing a shell script to do this is the best course of action. If someone is capable of doing this with a Perl or a Python script that's fine too. If you want to make it super high performance and write it in assembly

View 1 Replies View Related

Ubuntu :: Linking To External URLs In Tomboy?

Jul 18, 2010

Is there any way to embed a URL to an external web page in the text of a tomboy note, in the same way that other notes are linked to? I know I can just pates the URL into the note and have it link out, but when the link is over a hundred characters long (not kidding) then that stops being an option.

View 1 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved