Results 1 to 5 of 5

Thread: Block all access to the internet

  1. #1
    Join Date
    Nov 2009
    Beans
    97
    Distro
    Ubuntu 11.10 Oneiric Ocelot

    Block all access to the internet

    I'm after a terminal command that will temporarily block all traffic to the internet (but still allow traffic internally) and obviously a command to restore it again. Any suggestions?

    Maybe replace the dns with a bogus value?

  2. #2
    Join Date
    Aug 2005
    Location
    South Carolina, USA
    Beans
    22,803
    Distro
    Ubuntu Development Release

    Re: Block all access to the internet

    That's certainly an option.
    Code:
    sudo su
    echo "nameserver 0.0.0.0" > /etc/resolv.conf
    exit
    Restore with "nameserver 8.8.8.8" etc.
    "Oh, Ubuntu, you are my favorite Linux-based operating system" --Dr. Sheldon Cooper, Ph.D.

  3. #3
    Join Date
    Jan 2009
    Location
    ::1
    Beans
    2,485

    Re: Block all access to the internet

    Quote Originally Posted by thecapsaicinkid View Post
    I'm after a terminal command that will temporarily block all traffic to the internet (but still allow traffic internally) and obviously a command to restore it again. Any suggestions?

    Maybe replace the dns with a bogus value?
    You can then still access Internet based on pure IP addresses.

    If you really want to block Internet, use a firewall, with a firewall GUI manager like https://help.ubuntu.com/community/Firestarter

  4. #4
    Join Date
    May 2010
    Location
    uk
    Beans
    9,374
    Distro
    Xubuntu 14.04 Trusty Tahr

    Re: Block all access to the internet

    Hi

    Another method is to delete your route to your default gateway. Take a look at this.
    Code:
    matthew@matthew-laptop:~$ route
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    192.168.1.0     *               255.255.255.0   U     2      0        0 wlan0
    link-local      *               255.255.0.0     U     1000   0        0 wlan0
    default         DD-WRT          0.0.0.0         UG    0      0        0 wlan0
    matthew@matthew-laptop:~$ ping -c1 8.8.8.8
    PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
    64 bytes from 8.8.8.8: icmp_seq=1 ttl=49 time=31.1 ms
    
    --- 8.8.8.8 ping statistics ---
    1 packets transmitted, 1 received, 0% packet loss, time 0ms
    rtt min/avg/max/mdev = 31.160/31.160/31.160/0.000 ms
    matthew@matthew-laptop:~$ sudo route del default
    matthew@matthew-laptop:~$ route
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    192.168.1.0     *               255.255.255.0   U     2      0        0 wlan0
    link-local      *               255.255.0.0     U     1000   0        0 wlan0
    matthew@matthew-laptop:~$ ping -c1 8.8.8.8
    connect: Network is unreachable
    matthew@matthew-laptop:~$ ping -c1 192.168.1.1
    PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
    64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=6.48 ms
    
    --- 192.168.1.1 ping statistics ---
    1 packets transmitted, 1 received, 0% packet loss, time 0ms
    rtt min/avg/max/mdev = 6.489/6.489/6.489/0.000 ms
    matthew@matthew-laptop:~$ sudo route add default gw 192.168.1.1 wlan0
    matthew@matthew-laptop:~$ route
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    192.168.1.0     *               255.255.255.0   U     2      0        0 wlan0
    link-local      *               255.255.0.0     U     1000   0        0 wlan0
    default         DD-WRT          0.0.0.0         UG    0      0        0 wlan0
    matthew@matthew-laptop:~$ ping -c1 8.8.8.8
    PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
    64 bytes from 8.8.8.8: icmp_seq=1 ttl=49 time=27.5 ms
    
    --- 8.8.8.8 ping statistics ---
    1 packets transmitted, 1 received, 0% packet loss, time 0ms
    rtt min/avg/max/mdev = 27.556/27.556/27.556/0.000 ms
    matthew@matthew-laptop:~$
    It would boil down to two commands. This would be just for your computer though.

    Kind regards
    Last edited by matt_symes; October 11th, 2011 at 10:37 PM.
    If you believe everything you read, you better not read. ~ Japanese Proverb

    If you don't read the newspaper, you're uninformed. If you read the newspaper, you're mis-informed. - Mark Twain

    Thinking about becoming an Ubuntu Member?

  5. #5
    Join Date
    Jun 2011
    Location
    The Shadow Gallery
    Beans
    6,807

    Re: Block all access to the internet

    Quote Originally Posted by sanderj View Post
    You can then still access Internet based on pure IP addresses.

    If you really want to block Internet, use a firewall, with a firewall GUI manager like https://help.ubuntu.com/community/Firestarter
    I would agree that only resolution would cease

    I would TOTALLY disagree with firestarter though as it is out of date, unsupported and bug rich

    UFW if you want an interface to IPTables or GUFW if you want GUI.

    if you want to block internet traffic, unplug the cable/dsl cable

    or login to your router and down your WAN interface

    or as above change your route
    Feel Free to Bitcoin Tip: 135Rp4pwwYTHEJ4u8bxKaDQiC91N9LUoV2

    Backtrack - Giving machine guns to monkeys since 2006
    Kali-Linux - Adding a grenade launcher to the machine guns since 2013

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •