Gentoo Archives: gentoo-user

From: pk <peterk2@××××××××.se>
To: GentooUser <gentoo-user@l.g.o>
Subject: [gentoo-user] Trying to block third party ip address with iptables...
Date: Sat, 13 Sep 2008 21:36:50
1 Hello,
3 I am using shorewall on my local computer (the same I'm surfing the web
4 with). My skills with iptables are not really good and my understanding
5 of networking also has some holes in it... However, I'm trying to
6 prevent firefox from accessing a third party site; I'm logging onto a
7 site with firefox. With netstat I can see that besides the usual ip
8 address belonging to the site another ip-address (not belonging to the
9 original site) shows up. While trying to block the additional ip address
10 with both "iptables -A INPUT -s xxxx -j DROP" and "iptables -A OUTPUT -d
11 xxxx -j DROP" it still sends a SYN request to this site. This makes
12 firefox just sit there waiting for a time-out. How can I prevent firefox
13 from accessing the other site, while still accessing the original one?
15 Best regards
17 Peter K