Monday, July 16, 2007

Linux: Blocking a Website

I learned today how to block a website using the iptables command. You just have to type the following:

iptables -I INPUT -s -d 0/0 -j DROP

I blocked orkut by using

iptables -I INPUT -s -d 0/0 -j DROP

It is recommended to use IP addresses instead of a hostname. But I used the hostname, so that my roommates have no difficulty in deleting the rule.

To know all the possible IP addresses of a website, use


Most of the time it will give more than one address, so you have to define a rule for every IP address using the same syntax. Using IP addresses rather than the hostname is highly recommended.
To delete the rule, the syntax is the same. You only have to replace I with D:

iptables -D INPUT -s -d 0/0 -j DROP

In my case I used

iptables -D INPUT -s -d 0/0 -j DROP
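
Added example, not part of the original post: a script that turns a list of resolved addresses into one rule per IP, with I or D selecting insert or delete as described above. It matters because iptables resolves a hostname only once, when the rule is inserted. The `getent ahostsv4` input format, the function names and the sample addresses (documentation range) are assumptions made for this example.

```shell
#!/bin/sh
# Added example: turn resolver output into one iptables rule per IPv4 address.
# Live use (assumed lookup command):
#   getent ahostsv4 HOSTNAME | extract_ipv4 | gen_rules I

# Constructed sample in the format of `getent ahostsv4` (documentation IPs).
SAMPLE_LOOKUP='203.0.113.10    STREAM blocked.example
203.0.113.10    DGRAM
203.0.113.10    RAW
203.0.113.25    STREAM
203.0.113.25    DGRAM
203.0.113.25    RAW
not-an-address  STREAM'

# Read resolver output on stdin; print each valid IPv4 address once.
# Anything that is not four decimal octets in 0..255 is skipped, so a
# malformed line never ends up inside a firewall command.
extract_ipv4() {
    awk '{
        n = split($1, o, ".")
        if (n != 4) next
        for (i = 1; i <= 4; i++)
            if (o[i] !~ /^[0-9]+$/ || o[i] + 0 > 255) next
        if (!seen[$1]++) print $1
    }'
}

# Read IPv4 addresses on stdin; print one rule per address.
# $1 is I (insert) or D (delete), the same switch the post uses.
gen_rules() {
    case "$1" in
        I|D) ;;
        *) echo "usage: gen_rules I|D" >&2; return 2 ;;
    esac
    while read -r ip; do
        printf 'iptables -%s INPUT -s %s -d 0/0 -j DROP\n' "$1" "$ip"
    done
}

# Demo on the constructed sample. The rules are only printed, so they can be
# reviewed first; run the printed lines as root to apply them.
printf '%s\n' "$SAMPLE_LOOKUP" | extract_ipv4 | gen_rules I
```

Running the same pipeline with `gen_rules D` prints the matching delete commands, which keeps the insert and delete lists in step when a site has several addresses.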

I also edited my /etc/rc.d/rc.local file so that this rule will automatically load at boot time. I also edited one entry there. I deleted the line:

echo 1 > /proc/sys/net/ipv4/ip_forward

This line was for enabling my computer to forward IP packets from other computers to the internet, using my computer as a gateway. So instead of setting the value of ip_forward with the echo command, I edited the Linux kernel config file, /etc/sysctl.conf, and set the following value:

net.ipv4.ip_forward = 1

I searched a lot for iptables. There were many useful sites. The one that helped me most is