[Firewall] Hi

Eli Wapniarski eli at orbsky.homelinux.org
Mon Jul 7 23:05:11 CEST 2014


Hi Lonnie.

It turns out that there is a much simpler solution. All I had to do was add

127.0.0.1 www.facebook.com facebook.com

to my host file.

That did the trick.

I very much appreciate the time that you spent on this.

Sincerely

Eli

On Monday 07 July 2014 04:33:39 Lonnie Abelbeck wrote:
> Eli,
> 
> Ahhh, yes BLOCK_HOSTS_FILE will apply to everyone, a second look I see you
> only want it to apply to one internal IP address.
> 
> Since AIF is on your router for a LAN, then adding to the
> LAN_INET_FORWARD_CHAIN is the most efficient, and using REJECT instead of
> DROP is probably better in this case.
> 
> Another untested script, this time for your AIF custom-rules...
> 
> ---- /etc/arno-iptables-firewall/custom-rules snippet ----
> 
> # Reject Facebook for LAN host(s)
> for shost in internal.host.ip.address; do
>   echo "[CUSTOM RULE] Reject Facebook for $shost -> INET"
>   for dhost in $(whois -h whois.radb.net '!gAS32934' | grep '/'); do
>     iptables -A LAN_INET_FORWARD_CHAIN -s $shost -d $dhost -j REJECT
>   done
> done
> 
> ----
> Multiple internal.host.ip.address's can be added on the first 'for' if
> needed.
> 
> Though, you will have to do an "arno-iptables-firewall restart" to update the
> rules.
> 
> Lonnie
> 
> On Jul 6, 2014, at 10:49 PM, Eli Wapniarski wrote:
> > Thanks for responding Lonnie
> > 
> > Correct me if I'm wrong, the block hosts file will block everybody won't
> > it?? Actually, the hard work that I did was to google it. lol???
> > 
> > Eli
> > 
> > On Sunday 06 July 2014 22:14:01 Lonnie Abelbeck wrote:
> >> Eli,
> >> 
> >> If you are not already using the BLOCK_HOSTS_FILE, enable it in
> >> firewall.conf: --
> >> BLOCK_HOSTS_FILE="/etc/arno-iptables-firewall/blocked-hosts"
> >> --
> >> 
> >> Then run this **untested** script via cron every day or so...
> >> 
> >> ---- cron script ----
> >> #!/bin/sh
> >> 
> >> BLOCK_HOSTS_FILE="/etc/arno-iptables-firewall/blocked-hosts"
> >> 
> >> (
> >> 
> >>  for ip in $(whois -h whois.radb.net '!gAS32934' | grep '/'); do
> >>  
> >>    echo "$ip"
> >>  
> >>  done
> >> 
> >> ) > "$BLOCK_HOSTS_FILE"
> >> 
> >> arno-iptables-firewall force-reload
> >> ----
> >> 
> >> You did the hard work with the 'whois' :-)
> >> 
> >> Lonnie
> >> 
> >> On Jul 6, 2014, at 7:22 AM, Eli Wapniarski wrote:
> >>> I was wondering if anyone can help.
> >>> 
> >>> I probably need to write a custom rule to block facebook access from a
> >>> specific ip address on my internal network. I am having a weird problem
> >>> where the launcher for an mmorpg game on that computer, when it first runs,
> >>> tries to access facebook and then crashes. If access to facebook is
> >>> blocked, then the launcher and the game work just fine. The developers
> >>> have been alerted and they are working on a fix.
> >>> 
> >>> In the meantime, I need to have a rule in place to block all of Facebook's
> >>> IPs.
> >>> 
> >>> 
> >>> I've found a script, which does work, but it would be cool if I could
> >>> turn this into a custom rule for arnos-iptables-firewall. The script follows
> >>> 
> >>> for ip in `whois -h whois.radb.net '!gAS32934' | grep /`; do
> >>>   iptables -A OUTPUT -p all -d $ip -s internal.host.ip.address -j DROP
> >>> done
> >>> 
> >>> Thanks
> >> 
> >> _______________________________________________
> >> Firewall mailing list
> >> Firewall at rocky.eld.leidenuniv.nl
> >> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
> >> Arno's (Linux IPTABLES Firewall) Homepage:
> >> http://rocky.eld.leidenuniv.nl
> > 
> 
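The scripts in this thread pull the prefix list for AS32934 straight from RADB and feed every token containing a slash into iptables. The following is an added example, not code from the thread or from Arno's firewall: it shows the same pipeline (RADB output, prefix filter, one REJECT rule per prefix in the LAN_INET_FORWARD_CHAIN) but with a stricter filter that only passes well-formed IPv4 CIDR tokens, and it prints the rules instead of applying them so the result can be inspected first. The RADB output and the LAN host address 192.168.1.50 are constructed stand-ins; the RADB line format (an "A<length>" header, the space-separated prefixes, then "C") is what the `!g` query returns.

```shell
#!/bin/sh
# Added example (not from the thread): build AIF-style REJECT rules from
# RADB "!gAS<n>" output. Runs offline: the whois output is constructed below.

# Constructed stand-in for `whois -h whois.radb.net '!gAS32934'`.
# Real output has an "A<bytes>" header line, one line of prefixes, then "C".
# The IPv6 prefix and the junk token are included to show they are filtered out.
SAMPLE_RADB_OUTPUT='A77
203.0.113.0/24 198.51.100.0/25 2001:db8::/32 not-a-prefix 192.0.2.0/24
C'

# Keep only tokens that look like IPv4 CIDR prefixes. The thread's `grep '/'`
# also passes any header or garbage token that happens to contain a slash;
# anchoring the pattern keeps malformed tokens out of the iptables arguments.
extract_v4_prefixes() {
    tr ' ' '\n' \
    | grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$'
}

# Print one REJECT rule per prefix for a single LAN host, in the
# custom-rules style used in the thread. Only prints; never runs iptables.
gen_reject_rules() {
    shost="$1"
    extract_v4_prefixes | while read -r dhost; do
        printf 'iptables -A LAN_INET_FORWARD_CHAIN -s %s -d %s -j REJECT\n' \
            "$shost" "$dhost"
    done
}

# Example usage with a hypothetical LAN host; replace the sample output with a
# real `whois -h whois.radb.net '!gAS32934'` call when generating live rules.
printf '%s\n' "$SAMPLE_RADB_OUTPUT" | gen_reject_rules 192.168.1.50
```

Because the rules are generated from a third-party data feed, printing them for review before loading them (and re-running the query periodically, as the cron approach in the thread does) keeps a transient change in the route-object database from silently widening or emptying the block list.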
