Hi, thank you Julien. iptables -t filter -I FORWARD -p tcp --dport 80 -m string --string "host: facebook.com" --icase --algo bm -j DROP Of course, this won't work with HTTPS connections. sorry, but to work with HTTPS just add an new rule with --dport 443 right ?? 2012/9/17 Julien Vehent <julien@xxxxxxxxxxxxxx>: > On 2012-09-17 18:30, Usuário do Sistema wrote: >> >> Hello everyone, >> >> it's possible to drop traffic to facebook with iptables Layer7 ? I >> have done some test with Squid but I found some difficult because I'm >> using Transparent Proxy so maybe it been more easy to drop with >> iptables layer7. >> >> any tips is welcome......as well as some how to.... >> >> > > iptables -t filter -I FORWARD -p tcp --dport 80 -m string --string "host: > facebook.com" --icase --algo bm -j DROP > > Of course, this won't work with HTTPS connections. > > -- > Julien Vehent - http://jve.linuxwall.info -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
