[Firewall] Hi

Lonnie Abelbeck lists at lonnie.abelbeck.com
Mon Jul 7 05:14:01 CEST 2014


Eli,

If you are not already using the BLOCK_HOSTS_FILE, enable it in firewall.conf:
--
BLOCK_HOSTS_FILE="/etc/arno-iptables-firewall/blocked-hosts"
--

Then run this **untested** script via cron every day or so...

---- cron script ----
#!/bin/sh

BLOCK_HOSTS_FILE="/etc/arno-iptables-firewall/blocked-hosts"

(
  for ip in $(whois -h whois.radb.net '!gAS32934' | grep '/'); do
    echo "$ip"
  done
) > "$BLOCK_HOSTS_FILE"

arno-iptables-firewall force-reload
----

You did the hard work with the 'whois' :-)

Lonnie


On Jul 6, 2014, at 7:22 AM, Eli Wapniarski wrote:

> I was wondering if anyone can help.
> 
> I probably need to write a custom rule to block Facebook access from a specific IP address on my internal network. I am having a weird problem where, when the launcher for an MMORPG game on that computer first runs, it tries to access Facebook and then crashes. If access to Facebook is blocked, then the launcher and the game work just fine. The developers have been alerted and they are working on a fix.
> 
> In the meantime, I need to have a rule in place to block all of Facebook's IPs.
> 
> 
> I've found a script, which does work, but it would be cool if I could turn this into a custom rule for arno-iptables-firewall. The script follows:
> 
> for ip in `whois -h whois.radb.net '!gAS32934' | grep /`; do   iptables -A OUTPUT  -p all -d $ip -s internal.host.ip.address -j DROP; done
> 
> Thanks
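
An added example, not part of the original thread: a variant of the cron job that validates the prefixes, keeps the existing blocked-hosts file when the whois query returns nothing, and reloads the firewall only when the list changed. The function names, the `--run` switch and the sample reply are assumptions made for illustration; the file path, the whois query and the reload command are the ones from the thread.

```shell
#!/bin/sh
# Added example, not from the original thread. Function names and the
# "--run" switch are hypothetical; path, query and reload command are the thread's.
BLOCK_HOSTS_FILE="${BLOCK_HOSTS_FILE:-/etc/arno-iptables-firewall/blocked-hosts}"

# Constructed sample reply (documentation prefixes, not real query output;
# the reply shape is an assumption). Holds a duplicate and two malformed entries.
SAMPLE_RADB_REPLY='A70
192.0.2.0/24 198.51.100.0/24 192.0.2.0/24 999.1.1.1/24 203.0.113.0/33
C'

# stdin: raw whois reply. stdout: valid IPv4 CIDRs, one per line, sorted, unique.
extract_prefixes() {
  tr -s ' \t' '\n\n' |
    grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$' |
    awk -F'[./]' '$1<=255 && $2<=255 && $3<=255 && $4<=255 && $5<=32' |
    sort -u
}

# install_list NEW TARGET
# returns 0 = TARGET replaced, 1 = unchanged, 2 = NEW is empty (TARGET kept)
install_list() {
  [ -s "$1" ] || return 2
  if [ -f "$2" ] && cmp -s "$1" "$2"; then return 1; fi
  mv "$1" "$2"
}

update_blocklist() {
  # Temp file in the same directory so mv is an atomic rename.
  tmp=$(mktemp "${BLOCK_HOSTS_FILE}.XXXXXX") || return 3
  whois -h whois.radb.net '!gAS32934' | extract_prefixes > "$tmp"
  rc=0
  install_list "$tmp" "$BLOCK_HOSTS_FILE" || rc=$?
  [ "$rc" -eq 0 ] || rm -f "$tmp"
  return "$rc"
}

# Cron entry point: reload the firewall only when the list actually changed.
if [ "${1:-}" = "--run" ]; then
  update_blocklist && arno-iptables-firewall force-reload
fi
```
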


