Re: Block Facebook with Layer7

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi, thank you Julien.

iptables -t filter -I FORWARD -p tcp --dport 80 -m string --string "host:
facebook.com" --icase --algo bm -j DROP

Of course, this won't work with HTTPS connections.

sorry, but to work with HTTPS just add an new rule with --dport 443 right ??








2012/9/17 Julien Vehent <julien@xxxxxxxxxxxxxx>:
> On 2012-09-17 18:30, Usuário do Sistema wrote:
>>
>> Hello everyone,
>>
>> it's possible to drop traffic to facebook with iptables Layer7 ? I
>> have done some test with Squid but I found some difficult because I'm
>> using Transparent Proxy so maybe it been  more easy to drop with
>> iptables layer7.
>>
>> any tips is welcome......as well as some how to....
>>
>>
>
> iptables -t filter -I FORWARD -p tcp --dport 80 -m string --string "host:
> facebook.com" --icase --algo bm -j DROP
>
> Of course, this won't work with HTTPS connections.
>
> --
> Julien Vehent - http://jve.linuxwall.info
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux