Difference between revisions of "Facebook Block Https"
From MS Computech
| Line 7: | Line 7: | ||
</pre> | </pre> | ||
[http://www.clearfoundation.com/component/option,com_kunena/Itemid,232/catid,7/func,view/id,16002/ Source] | [http://www.clearfoundation.com/component/option,com_kunena/Itemid,232/catid,7/func,view/id,16002/ Source] | ||
| + | |||
| + | Another method | ||
| + | |||
| + | <pre> | ||
| + | FACEBOOK_ALLOW="192.168.1.12 192.168.1.14 192.168.1.111" | ||
| + | iptables -N FACEBOOK | ||
| + | |||
| + | iptables -I FORWARD -m tcp -p tcp -m iprange --dst-range 66.220.144.0-66.220.159.255 --dport 443 -j FACEBOOK | ||
| + | iptables -I FORWARD -m tcp -p tcp -m iprange --dst-range 69.63.176.0-69.63.191.255 --dport 443 -j FACEBOOK | ||
| + | iptables -I FORWARD -m tcp -p tcp -m iprange --dst-range 204.15.20.0-204.15.23.255 --dport 443 -j FACEBOOK | ||
| + | iptables -I FORWARD -m tcp -p tcp -m iprange --dst-range 66.220.144.0-66.220.159.255 --dport 80 -j FACEBOOK | ||
| + | iptables -I FORWARD -m tcp -p tcp -m iprange --dst-range 69.63.176.0-69.63.191.255 --dport 80 -j FACEBOOK | ||
| + | iptables -I FORWARD -m tcp -p tcp -m iprange --dst-range 204.15.20.0-204.15.23.255 --dport 80 -j FACEBOOK | ||
| + | |||
| + | ## FACEBOOK ALLOW | ||
| + | for face in $FACEBOOK_ALLOW; do | ||
| + | iptables -A FACEBOOK -s $face -j ACCEPT | ||
| + | done | ||
| + | iptables -A FACEBOOK -j REJECT | ||
| + | </pre> | ||
| + | |||
| + | [http://blog.kdn2.info/2010/11/block-facebook-com-with-iptables/ Source] | ||
Revision as of 12:53, 25 November 2010
nano /etc/rc.d/rc.firewall.local
iptables -t nat -I PREROUTING -m tcp -p tcp -m iprange --dst-range 69.63.176.0-69.63.191.255 --dport 80 -j DROP iptables -t nat -I PREROUTING -m tcp -p tcp -d 66.220.147.22 --dport 80 -j DROP iptables -t nat -I PREROUTING -m tcp -p tcp -d 66.220.147.22 --dport 443 -j DROP iptables -t nat -I PREROUTING -m tcp -p tcp -m iprange --dst-range 69.63.176.0-69.63.191.255 --dport 443 -j DROP
Another method
FACEBOOK_ALLOW="192.168.1.12 192.168.1.14 192.168.1.111"
iptables -N FACEBOOK
iptables -I FORWARD -m tcp -p tcp -m iprange --dst-range 66.220.144.0-66.220.159.255 --dport 443 -j FACEBOOK
iptables -I FORWARD -m tcp -p tcp -m iprange --dst-range 69.63.176.0-69.63.191.255 --dport 443 -j FACEBOOK
iptables -I FORWARD -m tcp -p tcp -m iprange --dst-range 204.15.20.0-204.15.23.255 --dport 443 -j FACEBOOK
iptables -I FORWARD -m tcp -p tcp -m iprange --dst-range 66.220.144.0-66.220.159.255 --dport 80 -j FACEBOOK
iptables -I FORWARD -m tcp -p tcp -m iprange --dst-range 69.63.176.0-69.63.191.255 --dport 80 -j FACEBOOK
iptables -I FORWARD -m tcp -p tcp -m iprange --dst-range 204.15.20.0-204.15.23.255 --dport 80 -j FACEBOOK
## FACEBOOK ALLOW
for face in $FACEBOOK_ALLOW; do
iptables -A FACEBOOK -s $face -j ACCEPT
done
iptables -A FACEBOOK -j REJECT
