Re: How do i Block Adult Sites through IPTABLE

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Yes, you can use list from a file. You should use the
following commands:

for i in `cat /etc/blocklist.txt` ; do
        iptables -A FORWARD -d $i -j REJECT 
done

You can put these commands in the file with other firewall configuration
commands. I think that most logical place for them is rc.filewall.


Alexey Fadyushin
Brainbench MVP for Linux.
http://www.brainbench.com

>Thank you for your great help 
> 
>can you tell me one more thing 
>in <list_of_servers> can i add path of list like 
>for i in < /etc/blocklist.txt>;do
>iptables -A FORWARD -d $i -j REJECT 
> 
>and tell me where should i add this lines in rc.firewall or somewhere.
>Thanks and let me know 
> 
> 
>
>
>Alexey Fadyushin <fab@xxxxxxxxxxxx> wrote:
>
>       Of course, squid is more efficient solution. But the question was about
>       iptables. As I understood, squid has not been installed on the router
>       in question.
>
>       Alexey Fadyushin.
>       Brainbench MVP for Linux.
>       http://www.brainbench.com
>
>       "Rigler, Steve" wrote:
       > 
       > Wouldn't it be more efficient to set up squid and use it to
block adult sites?
       > 
       > -Steve
       > 
       > > -----Original Message-----
       > > From: redhat-list-admin@xxxxxxxxxx
       > > [mailto:redhat-list-admin@xxxxxxxxxx]On Behalf Of Alexey
Fadyushin
       > > Sent: Wednesday, December 24, 2003 8:04 AM
       > > To: redhat-list@xxxxxxxxxx
       > > Subject: Re: How do i Block Adult Sites through IPTABLE
       > >
       > >
       > > You should add the following string(s) in the rc.firewall:
       > >
       > > iptables -A FORWARD -d 1.2.3.4 -j REJECT
       > >
       > > where 1.2.3.4 should be replaced with the address of the
adult server
       > > to be blocked.
       > > You should repeat this string for all the servers you need to
block.
       > > Of course, if you have many servers to block, you can use
shell's
       > > operators (such as 'for') around that string to automatically
       > > replace the address for each server. For example:
       > >
       > > for i in ; do
       > > iptables -A FORWARD -d $i -j REJECT
       > > done
       > >
       > > Alexey Fadyushin.
       > > Brainbench MVP for Linux.
       > > http://www.brainbench.com
       > >
       > > >
       > > Thanks you are helping me
       > > >I have installed RedHat 8.0 that is with two eth card and
       > > runing as proxy server
       > > >
       > > >i have added rulesin rc.firewall file and proxy is working
       > > >
       > > ># Masquerade
       > > >
       > > >iptables -t nat -A POSTROUTING -o $EX_ETH -j MASQUERADE
       > > >
       > > >iptables -A OUTPUT -s $LOCAL_NET -o $EX_ETH -j ACCEPT
       > > >
       > > ># Turn on IP forwarding
       > > >
       > > >echo 1 > /proc/sys/net/ipv4/ip_forward
       > > >
       > > >so how can i block all adult sites
       > > >
       > >
       > >
       > >
       > >
       > > Alexey Fadyushin wrote:
       > >
       > > If you need to block the access to that sites locally
       > > (i.e. from
       > > the
       > > computer on which you run iptables, you can use the following
       > > command:
       > >
       > > iptables -A OUTPUT -d -j REJECT
       > >
       > > alternatively, yuo can add the following string to
       > > /etc/sysconfig/iptables
       > > (in the 'filter' table):
       > >
       > > -A OUTPUT -d -j REJECT
       > >
       > > If you want to block the access from another machine, for
which
       > > your
       > > computer
       > > is acting as a router, you should change 'OUTPUT' to
       > > 'FORWARD' in
       > > the
       > > examples
       > > above.
       > >
       > > Alexey Fadyushin.
       > > Brainbench MVP for Linux.
       > > http://www.brainbench.com
       > >
       > > Nilesh wrote:
       > > >
       > > > Hello
       > > >
       > > > How do i block Adult XXX sites through iptables
       > > >
       > > > can any one help me
       > > >
       > > > Thanks
       > > >
       > > >
       > > >
       > >
----------------------------------------------------------------------
       > > > Do you Yahoo!?
       > > > Yahoo! Photos - Get your photo on the big screen in Times
       > > Square
       > >
       > >
       > > --
       > > redhat-list mailing list
       > > unsubscribe
       > > mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
       > > https://www.redhat.com/mailman/listinfo/redhat-list
       > >
       > >
       > > Do you Yahoo!?
       > > Yahoo! Photos - Get your photo on the big screen in Times
Square
       > >
       > >
       > > --
       > > redhat-list mailing list
       > > unsubscribe
mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
       > > https://www.redhat.com/mailman/listinfo/redhat-list
       > >
       > >
       > 
       > --
       > redhat-list mailing list
       > unsubscribe
mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
       > https://www.redhat.com/mailman/listinfo/redhat-list


       -- 
       redhat-list mailing list
       unsubscribe
mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
       https://www.redhat.com/mailman/listinfo/redhat-list


>Do you Yahoo!?
>Yahoo! Photos - Get your photo on the big screen in Times Square


-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux