Frank Han's work sheet: Linux: 20 Iptables Examples For New SysAdmins

Friday, January 13, 2012

Linux: 20 Iptables Examples For New SysAdmins

Linux: 20 Iptables Examples For New SysAdmins: #11.1: Example - Block Facebook.com Domain

First, find out all ip address of facebook.com, enter:
# host -t a www.facebook.com

Sample outputs:

www.facebook.com has address 69.171.228.40
Find CIDR for 69.171.228.40, enter:
# whois 69.171.228.40 | grep CIDR

Sample outputs:

CIDR: 69.171.224.0/19
To prevent outgoing access to www.facebook.com, enter:
# iptables -A OUTPUT -p tcp -d 69.171.224.0/19 -j DROP

You can also use domain name, enter:
# iptables -A OUTPUT -p tcp -d www.facebook.com -j DROP
# iptables -A OUTPUT -p tcp -d facebook.com -j DROP

From the iptables man page:

... specifying any name to be resolved with a remote query such as DNS (e.g., facebook.com is a really bad idea), a network IP address (with /mask), or a plain IP address ...

Frank Han's work sheet

Friday, January 13, 2012

Linux: 20 Iptables Examples For New SysAdmins

No comments:

About Me

Blog Archive