| 1 |
Alan McKinnon wrote: |
| 2 |
> On Saturday 13 September 2008 23:36:13 pk wrote: |
| 3 |
> |
| 4 |
>> Hello, |
| 5 |
>> |
| 6 |
>> I am using shorewall on my local computer (the same I'm surfing the web |
| 7 |
>> with). My skills with iptables are not really good and my understanding |
| 8 |
>> of networking also has some holes in it... However, I'm trying to |
| 9 |
>> prevent firefox from accessing a third party site; I'm logging onto a |
| 10 |
>> site with firefox. With netstat I can see that besides the usual ip |
| 11 |
>> address belonging to the site another ip-address (not belonging to the |
| 12 |
>> original site) shows up. While trying to block the additional ip address |
| 13 |
>> with both "iptables -A INPUT -s xxxx -j DROP" and "iptables -A OUTPUT -d |
| 14 |
>> xxxx -j DROP" it still sends a SYN request to this site. This makes |
| 15 |
>> firefox just sit there waiting for a time-out. How can I prevent firefox |
| 16 |
>> from accessing the other site, while still accessing the original one? |
| 17 |
>> |
| 18 |
> |
| 19 |
> That's always going to be problematic. Firefox does not know that you have |
| 20 |
> firewalled that address, so will continue doing exactly what it always did - |
| 21 |
> send a SYN and wait for the response. |
| 22 |
> |
| 23 |
> So you'll need to tell Firefox that that IP is banned, in which case you don't |
| 24 |
> need iptables, you need a Firefox plug-in. Go to mozilla's site and find |
| 25 |
> something appropriate. I'll bet there's one already and it's probably called |
| 26 |
> SiteBlock |
| 27 |
> |
| 28 |
> |
| 29 |
|
| 30 |
Wouldn't adblock do the same thing? To block say all of google, he |
| 31 |
could block this: *.google.com/* Nothing google should come through. |
| 32 |
At least that is how I do it here with Seamonkey. |
| 33 |
|
| 34 |
Just curious. |
| 35 |
|
| 36 |
Dale |
| 37 |
|
| 38 |
:-) :-) |
Archives