Block outgoin by URL

Issues related to configuring your network
Post Reply
robertomx
Posts: 1
Joined: 2017/07/05 23:52:10

Block outgoin by URL

Post by robertomx » 2017/07/06 00:09:46

Hello, it is possible to block the output of network traffic to a particular URL eg block the output to example.com or net1.example.com using firewalld or iptables in any case otherwise you could do this, I have managed to block The output to a particular port using firewalld rules with firewall-cmd but is not what I am looking for already blocking the output of http or https blocks all outputs in general

regards

Roberto García
Top
User avatar
avij
Retired Moderator
Posts: 3046
Joined: 2010/12/01 19:25:52
Location: Helsinki, Finland
Contact:
Contact avij

Re: Block outgoin by URL

Post by avij » 2017/07/06 04:14:17

This is fairly easy to do with squid, a HTTP proxy. I use this myself at home to block the most annoying ads.

squid.conf:

Code: Select all

acl bad_url dstdomain "/etc/squid/bad-sites.acl"
http_access deny bad_url
bad-sites.acl:

Code: Select all

.example.com
net1.example.com
www.someblockedsite.com
Automagically redirecting the traffic to the proxy (see "transparent proxy" from your favourite search engine) might need some clever firewall rules, though. This is not a problem for myself, because I can simply point the single browser I use to the proxy.
Top
Post Reply

Return to “CentOS 7 - Networking Support”