SCIENTIFIC-LINUX-USERS Archives

October 2012

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: Iptable rule required to block youtube
From:
David Sommerseth <[log in to unmask]>
Reply To:
David Sommerseth <[log in to unmask]>
Date:
Sat, 6 Oct 2012 02:45:59 +0200
Content-Type:
text/plain
Parts/Attachments:
text/plain (28 lines) 
----- Original Message ----- 
> From: "vivek chalotra" <[log in to unmask]>
> To: "Henrique Junior" <[log in to unmask]>
> Cc: "Konstantin Olchanski" <[log in to unmask]>,
> [log in to unmask]
> Sent: Friday, 5 October, 2012 9:10:24 AM
> Subject: Re: Iptable rule required to block youtube
>
> I have blocked youtube(ips from 74.125.236.0- 74.125.236.14) in my
> gateway machine using the below rules:
>
> iptables -A INPUT -i eth1 -s 74.125.236.0 -j DROP
> iptables -A INPUT -i eth1 -p tcp -s 74.125.236.0 -j DROP
> iptables -A INPUT -i eth0 -s 74.125.236.0 -j DROP
> iptables -A INPUT -i eth0 -p tcp -s 74.125.236.0 -j DROP

> but how to block on the whole network. Other hosts are still able to
> access youtube.

With "whole network", do you mean your local LAN which your firewall (this SL box you're configuring) controls?  If so, you should probably add those DROP rules to the FORWARD chain and not the INPUT chain.

See this URL for more info: <http://www.netfilter.org/documentation/HOWTO//packet-filtering-HOWTO-6.html>


kind regards,

David Sommerseth

ATOM RSS1 RSS2