Wednesday, September 12, 2012

Block facebook on a proxied internet with iptables

Those who access internet by setting a proxy(insti proxy!!) in their browsers and want to block facebook on their computers can issue the following command as root on their linux box

iptables -I OUTPUT -m string --algo bm --string "" -j DROP

I can't control myself from opening Facebook every now and then, when working in lab, just to see what's going on. Facebook is my biggest distraction. Hope this move will help me to concentrate on work.
By the way, iptables doesn't persist the firewall rules across restarts. So I have appended the above command to my /etc/profile file so I don't have to manually type the above command when I fresh boot my computer.
By the way the above command will block all packets that match the string, so if you try to search for in Google, you won't be able to see the results page, as the search query will never reach Google.

And yeah, if you want to unblock facebook, check the rule number by issuing
iptables -L OUTPUT
And see the line number. If the rule you created is on 1st line then line number is 1. Now issue the following command:
iptables -D OUTPUT 1

1 comment:

prab97 said...

The hosts file trick doesn't work for me because I am behind a proxy server, and it is the proxy server which does the name resolution.