Monday, July 16, 2007

Linux: Blocking a Website

16/07/07
I learned today how to block a website using iptables command. You just have to type the following

iptables -I INPUT -s -d 0/0 -j DROP

I blocked orkut by using

iptables -I INPUT -s www.orkut.com -d 0/0 -j DROP

It is recommended to use IP addresses instead of hostname. But I used hostname, so that my roommates have no difficulty in deleting the rule.

To know all the possible IP addresses of a website, use

host

Most of the times it'll give more than one addresses, so you have to define a rule for every IP address using the same syntax and it is highly recommended to use IP addresses than the hostname.
To delete the rule, the syntax is same. You have to only replace I with D

iptables -D INPUT -s -d 0/0 -j DROP

In my case I used

iptables -D INPUT -s www.orkut.com -d 0/0 -j DROP

I also edited my /etc/rc.d/rc.local file so that this rule will automatically load during boot time. I also edited one entry there. I deleted the line

echo 1 > /proc/sys/net/ipv4/ip_forward

This line was for enabling my computer to forward the ip packets from other computer to internet using my computer as gateway. So instead of setting the value of ip_forward by echo command, I
edited the Linux kernel config file: /etc/sysctl.conf
and set the following value

net.ipv4.ip_forward = 1

I searched a lot for iptables. There were many useful sites. The one that helped me most is
http://www.yolinux.com/TUTORIALS/

2 comments:

silentblogger said...

thank you very much. it worked. will i have to repeat it after booting or is this saved till i disable the rule. i only run the command.
thanks again

143man said...

i want more explanation pls and pls send the video in how unblock a website pls this is my e mail 143intn@gmail.com