How do I block this site in iptables?
by lucmove from LinuxQuestions.org on (#57VYA)
I want to completely block access to waterfox.net in iptables. I used these rules:
Code:
iptables -A INPUT -s 51.159.31.11 -j DROP
iptables -A OUTPUT -d 51.159.31.11 -j DROP
iptables -I INPUT -p tcp --dport 80 -m string --string "Host: waterfox.net" --algo bm -j DROP
iptables -I INPUT -p tcp --dport 80 -m string --string "Host: www.waterfox.net" --algo bm -j DROP
iptables -I FORWARD -p udp --dport 53 -m string --hex-string "|03|www|08|waterfox|03|net" --algo bm -j DROP
iptables -A OUTPUT -p 53 -d waterfox.net -j DROP
iptables -A OUTPUT -p TCP -d waterfox.net -j DROP

It doesn't work. I don't really know what I'm doing. It blocks pinging, but the browser still can access it as usual.
What am I doing wrong?
TIA
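
Added example, not part of the original post: a simplified Python model of which chain a packet traverses and which of the posted rules can match it. It is not real iptables; the local, "other" and resolver addresses are constructed documentation addresses, and it assumes `-d waterfox.net` resolved to 51.159.31.11 when the rule was added.

```python
# Simplified model of chain selection and rule matching for the rules in the post.
# Not real iptables: it models only chain, protocol, addresses, dport and -m string.
LOCAL = "192.0.2.5"          # constructed: this host
HARDCODED = "51.159.31.11"   # address used in the posted rules
OTHER = "203.0.113.10"       # constructed: any other address the name may resolve to
RESOLVER = "198.51.100.53"   # constructed: DNS resolver

# (chain, proto, src, dst, dport, string); None = match anything.
# All targets are DROP, so -A/-I ordering does not change the verdicts here.
RULES = [
    ("INPUT", None, HARDCODED, None, None, None),
    ("OUTPUT", None, None, HARDCODED, None, None),
    ("INPUT", "tcp", None, None, 80, b"Host: waterfox.net"),
    ("INPUT", "tcp", None, None, 80, b"Host: www.waterfox.net"),
    ("FORWARD", "udp", None, None, 53, b"\x03www\x08waterfox\x03net"),
    # "-p 53" selects IP protocol number 53, not UDP/TCP port 53.
    # Assumption: "-d waterfox.net" resolved to HARDCODED when the rule was added.
    ("OUTPUT", "ipproto53", None, HARDCODED, None, None),
    ("OUTPUT", "tcp", None, HARDCODED, None, None),
]

def chain_for(pkt):
    """Local traffic leaves via OUTPUT, traffic to this host enters via INPUT, the rest is FORWARD."""
    if pkt["src"] == LOCAL:
        return "OUTPUT"
    return "INPUT" if pkt["dst"] == LOCAL else "FORWARD"

def verdict(pkt):
    """Return 'DROP' if a rule in the packet's chain matches every field, else 'ACCEPT'."""
    for chain, proto, src, dst, dport, needle in RULES:
        if chain != chain_for(pkt):
            continue
        checks = [(proto, pkt["proto"]), (src, pkt["src"]),
                  (dst, pkt["dst"]), (dport, pkt.get("dport"))]
        if all(want is None or want == got for want, got in checks) \
                and (needle or b"") in pkt.get("payload", b""):
            return "DROP"
    return "ACCEPT"

# Constructed sample packets.
PING = {"proto": "icmp", "src": LOCAL, "dst": HARDCODED}
HTTP_GET = {"proto": "tcp", "src": LOCAL, "dst": OTHER, "dport": 80,
            "payload": b"GET / HTTP/1.1\r\nHost: www.waterfox.net\r\n\r\n"}
DNS_QUERY = {"proto": "udp", "src": LOCAL, "dst": RESOLVER, "dport": 53,
             "payload": b"\x03www\x08waterfox\x03net\x00"}  # QNAME part only

if __name__ == "__main__":
    for name, pkt in [("ping", PING), ("http", HTTP_GET), ("dns", DNS_QUERY)]:
        print(name, chain_for(pkt), verdict(pkt))
```

In this model only the two rules that name 51.159.31.11 ever match traffic generated on the host; the `Host:` and DNS string rules sit in INPUT and FORWARD, which locally generated requests do not traverse. HTTPS payloads and IPv6 (handled by ip6tables, not iptables) are not modelled.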

