Well I'm confused - nothing new there - I thought that a site appearing on my screen was an incoming service.
I await your researches, while I have a look myself.
Thanks caljohnsmith.
Ubuntu User # 10657
ATI X600 on Dell 515m 3ghz cpu
I found this command;
Code:
iptables -A INPUT -s 221.231.148.194 -j DROP
at this site;
http://www.cyberciti.biz/faq/how-do-i-block-an-ip-on-my-linux-server/
that says this;
"In order to block an IP on your Linux server you need to use iptables firewall. First you need to log into shell as root user. To block IP address you need to type iptables command as follows:"
Code:
iptables -A INPUT -s IP-ADDRESS -j DROP
and this one;
Code:
iptables -I INPUT -s IP_ADDRESS_HERE -j DROP
at this site; http://forums.serverbeach.com/showthread.php?t=2241
However I've noticed that site still comes up.
All the sites I found basically gave the 1st command (using -A) but no mention of any other steps.
I checked
Code:
/sbin/iptables -L
and the drop is in there but not working?
Ubuntu User # 10657
ATI X600 on Dell 515m 3ghz cpu
You could also use "Firestarter" to configure your firewall to block unwanted sites. It is an easy to use graphical tool and is in the repos. Ubuntu Hardy also has UFW https://wiki.ubuntu.com/UbuntuFirewall that is easier to use than iptables.
OK, carloslosgrande, I found out how to use iptables to block an IP address. The main problem with what you tried was using the "INPUT" table instead of the "OUTPUT" IP table. In other words, when you type in a website into Firefox, that is an outgoing request from your computer to get a web page from that website, which is why it should be defined in the OUTPUT IP table if you want to block it. Here's an example:
Code:
sudo iptables -A OUTPUT -d 208.122.19.56 -j REJECT
Any outgoing request from your computer to address 208.122.19.56 will be blocked. Now if you list the current iptables:
Code:
sudo iptables -L
Then you will see your rule for 208.122.19.56 under the OUTPUT category. If you decide you want to delete it, and if it is the first entry under the OUTPUT category (for example), you could delete it with:
Code:
sudo iptables -D OUTPUT 1
Or replace the "1" above with whichever entry it is. Another way of deleting it is to fully specify it:
Code:
sudo iptables -D OUTPUT -d 208.122.19.56 -j REJECT
Now the problem is that iptables only deals with IP addresses; the IP addresses of domains can change if they get a new hosting company for example, or in the case of heavily-used domains like google.com, they have more than one IP address. Thus if you want to block a specific website and not just an IP address (like me), then I would use previous poster 505's method and just add the website to the /etc/hosts file and link it to 127.0.0.1.
Anyway, hope that helps carloslosgrande.
Hi Ahmatti, actually I tried firestarter and there isn't any option to block - it blocks by default - the options are to allow. At least that's how I understand it.
The new ufw system looks even more complex, but perhaps the gui will be simpler? Not sure if it's ready yet.
Thanks.
Ubuntu User # 10657
ATI X600 on Dell 515m 3ghz cpu
Hi caljohnsmith, thanks for that. Counterintuitive until you explained how it works.
I've now set it as per your instructions and I'm testing it now.
A whole day testing and no show of the offending IP - that worked a charm
Last edited by carloslosgrande; August 14th, 2008 at 12:57 AM. Reason: results
Ubuntu User # 10657
ATI X600 on Dell 515m 3ghz cpu
The solution from caljohnsmith worked fine except it doesn't stick. A few days ago the offending sites reappeared. I checked iptables and the line rejecting the ip address was missing.
So I ran the command again - worked, until next restart.
How can I make this permanent?
I thought a command like that would be permanent?
Ubuntu User # 10657
ATI X600 on Dell 515m 3ghz cpu
You could put the iptables command in your /etc/rc.local file, and then it will run the iptables command every time on start up. Any command in the rc.local file is run as root, so no need to put a "sudo" in front of it. And although I've never used it, you might want to check out "firestarter", which is basically a nice GUI for iptables; it will keep your changes between reboots. Good luck and let me know how it goes, or if you need any more info.
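The rc.local approach above, written as a boot-time script that can be re-run without stacking duplicate rules. This is an added example, not code from the thread; the function names, the `IPTABLES` override, the `--apply` switch and the script itself are assumptions, and it needs an iptables build that supports `-C` (check).

```sh
#!/bin/sh
# Added example, not from the thread. Call it from /etc/rc.local (runs as root).
# IPTABLES may be overridden for a dry run; BLOCKED_DESTS is a sample list
# holding the address used in the thread.
IPTABLES="${IPTABLES:-iptables}"
BLOCKED_DESTS="208.122.19.56"

# Accept only dotted-quad IPv4. iptables would resolve a hostname once, when
# the rule is loaded, which silently goes stale when the site changes address.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                       # split on dots into $1..$4
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Append "OUTPUT -d <ip> -j REJECT" only when -C reports the rule is missing,
# so boot plus a manual run still leaves exactly one rule per address.
block_dest() {
    is_ipv4 "$1" || { echo "skip: not an IPv4 address: $1" >&2; return 2; }
    if "$IPTABLES" -C OUTPUT -d "$1" -j REJECT 2>/dev/null; then
        return 0                    # rule already loaded
    fi
    "$IPTABLES" -A OUTPUT -d "$1" -j REJECT
}

# Apply every address in the list; report failure if any rule could not be set.
apply_blocklist() {
    rc=0
    for ip in $BLOCKED_DESTS; do
        block_dest "$ip" || rc=1
    done
    return $rc
}

# Only touch the firewall when asked to, e.g. "sh block-output.sh --apply".
if [ "${1:-}" = "--apply" ]; then
    apply_blocklist
fi
```

After a reboot, `sudo iptables -L OUTPUT -n` should list one REJECT line per address in `BLOCKED_DESTS`.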
If you have a router in your configuration (most broadband modems have router functions as well) you can block it at the router, keeping it from ever making it as far as your computer.
On a linksys router for instance, you can block by website under "Access Restrictions" tab.
It will be something similar on most consumer grade routers.
I never played with iptables much, I generally blacklist sites using my router.
GL
Well the easiest way was already disclosed in post number 2. Redirecting using the "hosts" file. /etc/hosts not /etc/hosts.deny
Edit that file and you will see examples of how to use it properly. It's a great tool. I use it all the time to block certain sites from the kids' computers.
Mac Pro 5,1 6-Core 3.33GHz, 48GB, Sapphire RX580
Optical -- Apple Super Drive & MCE Internal Blu-ray
512GB SM 970 Pro NVMe/HighPoint 7101A/10.14.5
SonnetAllegro Pro USB 3/ 4TB WD/4TB - Barracuda
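The /etc/hosts method recommended in the thread, as an added example that is not from any of the posts: it looks a name up the way a hosts file is read (comments ignored, names case-insensitive) and adds a 127.0.0.1 entry only when the name has none. The function names and the `HOSTS_FILE` override are assumptions; point `HOSTS_FILE` at a copy of the file to try it without root.

```sh
#!/bin/sh
# Added example, not from the thread. HOSTS_FILE defaults to the real file;
# set it to a scratch copy for a trial run.
HOSTS_FILE="${HOSTS_FILE:-/etc/hosts}"

# Print the address of the first line that lists the name, skipping comments
# and comparing names case-insensitively. Prints nothing if there is no entry.
hosts_lookup() {
    awk -v want="$1" '
        BEGIN { want = tolower(want) }
        { sub(/#.*/, "") }
        NF >= 2 {
            for (i = 2; i <= NF; i++)
                if (tolower($i) == want) { print $1; exit }
        }' "$HOSTS_FILE"
}

# Point a name at 127.0.0.1. Returns 0 if it is (or already was) blocked,
# 1 if the name is mapped to some other address, 2 if the name is malformed.
hosts_block() {
    case "$1" in
        ''|*[!A-Za-z0-9.-]*) echo "bad hostname: $1" >&2; return 2 ;;
    esac
    current=$(hosts_lookup "$1")
    if [ "$current" = "127.0.0.1" ]; then
        return 0                    # already blocked, do not add a duplicate
    fi
    if [ -n "$current" ]; then
        echo "$1 is already mapped to $current; edit that line by hand" >&2
        return 1
    fi
    printf '127.0.0.1\t%s\n' "$1" >> "$HOSTS_FILE"
}
```

Hosts entries match exact names only, so `example.com` and `www.example.com` each need their own `hosts_block` call.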