In a previous article, we showed how to block specific domains at the DNS level using iptables. Today, we will expand on that and show how to also block HTTP requests for a specific domain (or URL). Iptables String Matching Iptables string matching is very powerful and easier to use than the hex-string…
Category: iptables
2nd Commandment: Default-block for iptables
2nd Commandment: You shall always default to block on your iptables rules. If you are configuring iptables (or any firewall for that matter), you should always start with a block-all rule. Within iptables, it is very easy to do with: /sbin/iptables -I INPUT -j DROP -m comment --comment "Blocking all traffic by default" So…
1st Commandment: Always comment your iptables rules
1st Commandment: You shall always comment your iptables rules. If you are writing an iptables rule, you need to comment it. Period. Whenever someone is trying to understand what is going on with your system and they run iptables -nvL and they see something like this (from our previous post on blocking custom domains via…
Tips and Tricks: Blocking DNS requests via Iptables
If there is a tool we love, it is called iptables. The default firewall tool chain on Linux has a lot of options to filter pretty much any traffic you wish. In this Tips and Tricks, we will show you how to block DNS requests (domain names) via iptables. Enjoy! Understanding DNS DNS is binary…