I am trying to block a few websites on a lucid lynx, I tried editing /etc/hosts and that blocks access via url but the site still open if I enter the ip on the browser, how can I block ip access also? (without using any extra software besides what linux 10.04 have by default)
1 Answer
You can block the website's IP using an iptables rule. Something along the flavor provided below.
iptables -A OUTPUT -d 0.0.0.0 -j DROP
Just replace the zeros with the IP of the website you wish to deny access to. This syntax also supports a wildcard. By typing an IP with a zero in it, you are effectively blocking the entire span of that field. For example, 192.168.13.0 references the IP range of 192.168.13.1 to 192.168.13.254.
In addition to blocking by IP, you can also block by hostname using this same syntax. Just change the IP address to the domain name and it'll do the rest of the work for you.
So you can do all of what you wanted in iptables (freeing up your hosts file from needless records).
-
I already tried that, with ip and domain, and I can't ping neither the ip or domain but I can access it using a webbrowser, do I need to restart the pc or some service?– ldablCommented Sep 1, 2010 at 2:31
-
1clear the browser cache...– user1931Commented Sep 1, 2010 at 2:34
-
Interesting. I'm runing Lucid Lynx right now and it appears to be working as I explained. All changes should be immediate as well. Are you certain that it's applying itself to the output chain? Try checking the rule by typing iptables -L Make certain that it's in the OUTPUT chain and that it's forwarding to drop.– MiesCommented Sep 1, 2010 at 2:35
-
on iptables -L i see the rule but the ip has been replaced by the resolved hostname. I see something like this: DROP all -- anywhere random.stuff.static.theplanet.com. Tried clearing cache but website still loads up fine.– ldablCommented Sep 1, 2010 at 2:51
-
1I had to close ufw and it worked, but how can I make it work while having ufw running? I tried "ufw deny from ip" but that didnt work.– ldablCommented Sep 1, 2010 at 3:14