Yes, you can use list from a file. You should use the
following commands:
for i in `cat /etc/blocklist.txt` ; do
iptables -A FORWARD -d $i -j REJECT
done
You can put these commands in the file with other firewall configuration
commands. I think that most logical place for them is rc.filewall.
Alexey Fadyushin
Brainbench MVP for Linux.
http://www.brainbench.com
>Thank you for your great help
>
>can you tell me one more thing
>in <list_of_servers> can i add path of list like
>for i in < /etc/blocklist.txt>;do
>iptables -A FORWARD -d $i -j REJECT
>
>and tell me where should i add this lines in rc.firewall or somewhere.
>Thanks and let me know
>
>
>
>
>Alexey Fadyushin <fab@xxxxxxxxxxxx> wrote:
>
> Of course, squid is more efficient solution. But the question was about
> iptables. As I understood, squid has not been installed on the router
> in question.
>
> Alexey Fadyushin.
> Brainbench MVP for Linux.
> http://www.brainbench.com
>
> "Rigler, Steve" wrote:
>
> Wouldn't it be more efficient to set up squid and use it to
block adult sites?
>
> -Steve
>
> > -----Original Message-----
> > From: redhat-list-admin@xxxxxxxxxx
> > [mailto:redhat-list-admin@xxxxxxxxxx]On Behalf Of Alexey
Fadyushin
> > Sent: Wednesday, December 24, 2003 8:04 AM
> > To: redhat-list@xxxxxxxxxx
> > Subject: Re: How do i Block Adult Sites through IPTABLE
> >
> >
> > You should add the following string(s) in the rc.firewall:
> >
> > iptables -A FORWARD -d 1.2.3.4 -j REJECT
> >
> > where 1.2.3.4 should be replaced with the address of the
adult server
> > to be blocked.
> > You should repeat this string for all the servers you need to
block.
> > Of course, if you have many servers to block, you can use
shell's
> > operators (such as 'for') around that string to automatically
> > replace the address for each server. For example:
> >
> > for i in ; do
> > iptables -A FORWARD -d $i -j REJECT
> > done
> >
> > Alexey Fadyushin.
> > Brainbench MVP for Linux.
> > http://www.brainbench.com
> >
> > >
> > Thanks you are helping me
> > >I have installed RedHat 8.0 that is with two eth card and
> > runing as proxy server
> > >
> > >i have added rulesin rc.firewall file and proxy is working
> > >
> > ># Masquerade
> > >
> > >iptables -t nat -A POSTROUTING -o $EX_ETH -j MASQUERADE
> > >
> > >iptables -A OUTPUT -s $LOCAL_NET -o $EX_ETH -j ACCEPT
> > >
> > ># Turn on IP forwarding
> > >
> > >echo 1 > /proc/sys/net/ipv4/ip_forward
> > >
> > >so how can i block all adult sites
> > >
> >
> >
> >
> >
> > Alexey Fadyushin wrote:
> >
> > If you need to block the access to that sites locally
> > (i.e. from
> > the
> > computer on which you run iptables, you can use the following
> > command:
> >
> > iptables -A OUTPUT -d -j REJECT
> >
> > alternatively, yuo can add the following string to
> > /etc/sysconfig/iptables
> > (in the 'filter' table):
> >
> > -A OUTPUT -d -j REJECT
> >
> > If you want to block the access from another machine, for
which
> > your
> > computer
> > is acting as a router, you should change 'OUTPUT' to
> > 'FORWARD' in
> > the
> > examples
> > above.
> >
> > Alexey Fadyushin.
> > Brainbench MVP for Linux.
> > http://www.brainbench.com
> >
> > Nilesh wrote:
> > >
> > > Hello
> > >
> > > How do i block Adult XXX sites through iptables
> > >
> > > can any one help me
> > >
> > > Thanks
> > >
> > >
> > >
> >
----------------------------------------------------------------------
> > > Do you Yahoo!?
> > > Yahoo! Photos - Get your photo on the big screen in Times
> > Square
> >
> >
> > --
> > redhat-list mailing list
> > unsubscribe
> > mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> > https://www.redhat.com/mailman/listinfo/redhat-list
> >
> >
> > Do you Yahoo!?
> > Yahoo! Photos - Get your photo on the big screen in Times
Square
> >
> >
> > --
> > redhat-list mailing list
> > unsubscribe
mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> > https://www.redhat.com/mailman/listinfo/redhat-list
> >
> >
>
> --
> redhat-list mailing list
> unsubscribe
mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
--
redhat-list mailing list
unsubscribe
mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
>Do you Yahoo!?
>Yahoo! Photos - Get your photo on the big screen in Times Square
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
