Blocking domain via ufw and iptables


Solution 1

If it's a question of your students, then they might want it for their own computer. They can modify their /etc/hosts file and map that domain to a different IP address like:

127.0.0.1    www.firstlightfcu.org   # localhost
192.168.1.5  return.empty.example    # just some other address

Depending on what they map the domain name to, they will see different error messages, timeouts or just nothing.

Be aware, though, that many web servers are not reachable by their IP address alone, because that IP address hosts more than one domain. So the web server will give you one of those domains it hosts, not necessarily the domain you (they) want.

You may want to read https://pi-hole.net/ to learn more about such techniques for modifying the browsing experience.
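A small, idempotent way to apply the /etc/hosts technique from this answer, as an added example rather than code from the answer: it works on the file's text (so it can be exercised on a constructed sample), appends rather than overrides existing entries (the resolver takes the first matching line, so hand-written entries keep precedence), and only ever removes lines it added itself, which it tags with a `# sinkhole` comment. The sample hosts content, the marker comment and the `0.0.0.0` sinkhole address are assumptions made for the example.

```python
"""Added example: manage sinkhole entries in a hosts file. Not code from the answer."""
from __future__ import annotations

from pathlib import Path

SINKHOLE_IP = "0.0.0.0"   # unroutable: the connection fails immediately instead of timing out (assumed choice)
MARKER = "# sinkhole"     # assumed tag so we only ever touch lines this tool wrote

# Constructed sample of a typical hosts file, used for the demo below.
SAMPLE_HOSTS = (
    "127.0.0.1\tlocalhost\n"
    "::1\tlocalhost ip6-localhost\n"
    "192.168.1.5\tprinter.lan   # office printer\n"
)


def _names_on_line(line: str) -> tuple[str, list[str]]:
    """Split a hosts line into (address, [names]) ignoring any trailing comment."""
    body = line.split("#", 1)[0].split()
    if len(body) < 2:
        return "", []
    return body[0], [h.lower() for h in body[1:]]


def hosts_lookup(text: str, name: str) -> str | None:
    """Address the hosts file maps `name` to, or None. First match wins, as the resolver does."""
    for line in text.splitlines():
        addr, names = _names_on_line(line)
        if name.lower() in names:
            return addr
    return None


def add_sinkhole(text: str, name: str, ip: str = SINKHOLE_IP) -> str:
    """Append a sinkhole line for `name` unless the file already maps that exact name."""
    if hosts_lookup(text, name) is not None:
        return text  # already mapped (by us or by hand): leave it alone
    if text and not text.endswith("\n"):
        text += "\n"
    return text + f"{ip}\t{name}\t{MARKER}\n"


def add_sinkholes(text: str, names: list[str]) -> str:
    """hosts matching is exact, so www.example.org and example.org each need their own line."""
    for n in names:
        text = add_sinkhole(text, n)
    return text


def remove_sinkhole(text: str, name: str) -> str:
    """Drop only marker-tagged lines naming `name`; never touch hand-written entries."""
    kept = []
    for line in text.splitlines(keepends=True):
        if line.rstrip().endswith(MARKER):
            _, names = _names_on_line(line)
            if name.lower() in names:
                continue
        kept.append(line)
    return "".join(kept)


def sinkhole_file(path: str, names: list[str]) -> None:
    """Apply add_sinkholes to a real file (writing /etc/hosts needs root)."""
    p = Path(path)
    p.write_text(add_sinkholes(p.read_text(), names))


if __name__ == "__main__":
    blocked = add_sinkholes(SAMPLE_HOSTS, ["www.firstlightfcu.org", "firstlightfcu.org"])
    print(blocked)
    print("lookup:", hosts_lookup(blocked, "www.firstlightfcu.org"))
    print(remove_sinkhole(blocked, "www.firstlightfcu.org"))
```

Because hosts entries match whole names only, every hostname the site answers on (the www name, the apex, any CDN names the pages load) needs its own line; the `add_sinkholes` helper exists for that. This changes only the machine it runs on, so it suits the "students' own computer" case, not a network-wide block.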

Solution 2

First, UFW is just a frontend to iptables. If you know how to write iptables rules, then you don't need UFW, since it basically just translates your so-called uncomplicated rules into iptables rules.

Secondly, blocking a domain name using iptables is not very effective, since name resolution works at the application layer: you make a request to a DNS server, which returns the IP address of the domain in your DNS request, while iptables is more suited to filtering communication at the network and transport layers.

What you can do is configure a proxy server for your clients, which you can use to block access to a particular domain name at the application layer without blocking the IP address of that domain itself. To make your clients use your proxy without configuring each client, you can use a transparent proxy.
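To make concrete what "blocking at the application layer" means for an HTTPS site, here is an added example, not code from this answer or from the comments below: a minimal TLS ClientHello builder (constructed test input only), a parser that extracts the host_name from the server_name (SNI) extension, and a decision function that does what a peek-and-splice transparent proxy does before it forwards or resets the connection. RFC 6066 does not allow IP literals in server_name, so a client that was given the IP address sends no SNI at all; that is what lets such a proxy tell "the site by name" apart from "the site by address" even though both connections go to the same IP, a distinction iptables cannot make. The denylist and the verdict for connections without SNI are assumptions a deployment has to choose.

```python
"""Added example: SNI-based block/allow decision of the kind a transparent proxy makes.

Not code from the page. The ClientHello is constructed here as test input; a real
proxy would read it from the intercepted socket before deciding to splice or reset.
"""
from __future__ import annotations

import struct

TLS_HANDSHAKE = 0x16
CLIENT_HELLO = 0x01
EXT_SERVER_NAME = 0x0000
EXT_SUPPORTED_VERSIONS = 0x002B


def build_client_hello(server_name: str | None) -> bytes:
    """Build a minimal, well-formed TLS ClientHello record (constructed input for the example).

    server_name=None models a client that connected to an IP literal, which sends no SNI.
    """
    exts = b""
    if server_name is not None:
        host = server_name.encode("idna")
        entry = b"\x00" + struct.pack("!H", len(host)) + host          # name_type host_name(0)
        name_list = struct.pack("!H", len(entry)) + entry
        exts += struct.pack("!HH", EXT_SERVER_NAME, len(name_list)) + name_list
    versions = b"\x02\x03\x04"                                        # supported_versions: TLS 1.3
    exts += struct.pack("!HH", EXT_SUPPORTED_VERSIONS, len(versions)) + versions  # a 2nd ext to skip
    body = (
        b"\x03\x03" + bytes(32)                 # legacy_version, 32-byte random (zeros: constructed)
        + b"\x00"                               # empty session id
        + struct.pack("!H", 2) + b"\x13\x01"    # one cipher suite: TLS_AES_128_GCM_SHA256
        + b"\x01\x00"                           # one compression method: null
        + struct.pack("!H", len(exts)) + exts
    )
    handshake = bytes([CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return bytes([TLS_HANDSHAKE]) + b"\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def extract_sni(record: bytes) -> str | None:
    """Return the SNI host_name from a ClientHello record, or None if absent, truncated or not TLS."""
    if len(record) < 5 or record[0] != TLS_HANDSHAKE:
        return None
    rec_len = struct.unpack("!H", record[3:5])[0]
    hs = record[5:5 + rec_len]
    if len(hs) < 4 or hs[0] != CLIENT_HELLO:
        return None
    hs_len = int.from_bytes(hs[1:4], "big")
    body = hs[4:4 + hs_len]
    if len(body) != hs_len:
        return None                              # truncated: refuse to guess
    try:
        p = 2 + 32                               # skip legacy_version and random
        p += 1 + body[p]                         # session id
        p += 2 + struct.unpack("!H", body[p:p + 2])[0]   # cipher suites
        p += 1 + body[p]                         # compression methods
        if p == len(body):
            return None                          # no extensions block at all
        end = p + 2 + struct.unpack("!H", body[p:p + 2])[0]
        p += 2
        if end > len(body):
            return None
        while p + 4 <= end:
            etype, elen = struct.unpack("!HH", body[p:p + 4])
            data = body[p + 4:p + 4 + elen]
            p += 4 + elen
            if len(data) != elen:
                return None
            if etype != EXT_SERVER_NAME:
                continue
            q = 2                                # skip server_name_list length
            while q + 3 <= len(data):
                ntype, nlen = data[q], struct.unpack("!H", data[q + 1:q + 3])[0]
                name = data[q + 3:q + 3 + nlen]
                q += 3 + nlen
                if ntype == 0 and len(name) == nlen:
                    return name.decode("ascii")
            return None
    except (IndexError, struct.error, UnicodeDecodeError):
        return None
    return None


def policy(record: bytes, blocked: set[str]) -> str:
    """'block', 'allow', or 'no-sni' (connection to an IP literal); the proxy acts on this."""
    sni = extract_sni(record)
    if sni is None:
        return "no-sni"                          # assumed: such connections are left to a separate rule
    host = sni.lower().rstrip(".")
    for zone in blocked:                         # exact host or any subdomain of a blocked zone
        zone = zone.lower()
        if host == zone or host.endswith("." + zone):
            return "block"
    return "allow"


if __name__ == "__main__":
    deny = {"firstlightfcu.org"}                 # assumed denylist for the demo
    for name in ("www.firstlightfcu.org", "www.example.com", None):
        print(name, "->", policy(build_client_hello(name), deny))
```

A real interception setup still needs the iptables/nftables REDIRECT or TPROXY rule that steers port 443 into the proxy, and the "no-sni" verdict is where the question's requirement lives: treat those as "allow" and clients reaching the server by its address get through while clients using the name are refused.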



Updated on September 18, 2022

Comments

  • Admin
    Admin over 1 year

    Does anyone know a way to block the domain name of a website (www.firstlightfcu.org) while still allowing access to the site using the IP address (174.122.168.43)? I tried blocking the website using iptables, which worked perfectly, and then allowing the IP address using ufw. The site is blocked altogether whether I use the IP address or the domain name to access it. I know this is supposed to be possible, but I guess I'm missing something, and I'm a new user with Ubuntu. Any help pointing me in the right direction would be greatly appreciated.

    • Admin
      Admin over 6 years
      You'd have to analyze the traffic at the application layer. This kind of behavior is better suited to a (transparent) proxy that can block on server name and SNI.
    • Admin
      Admin over 6 years
      Problem I see with that is the site seems to be served via HTTPS, so it wouldn't necessarily be proxy-able. Need more info on how your network is set up, what clients and how many, etc. For example, if you run your own internal DNS server you could spoof the domain name and point it to 0.0.0.0 or some internal server w/ a "nice" error message, etc. And out of curiosity, why block a bank's website?