Hodžův blog

18 Mar

HowTo block Facebook with iptables

Insert these lines into your firewall:
iptables -t filter -I FORWARD -s 192.168.0.0/24 -m tcp -p tcp -m iprange --dst-range 66.220.144.0-66.220.159.255 --dport 443 -j REJECT --reject-with tcp-reset
iptables -t filter -I FORWARD -s 192.168.0.0/24 -m tcp -p tcp -m iprange --dst-range 69.63.176.0-69.63.191.255 --dport 443 -j REJECT --reject-with tcp-reset
iptables -t filter -I FORWARD -s 192.168.0.0/24 -m tcp -p tcp -m iprange --dst-range 69.171.220.0-69.171.234.255 --dport 443 -j REJECT --reject-with tcp-reset
iptables -t filter -I FORWARD -s 192.168.0.0/24 -m tcp -p tcp -m iprange --dst-range 204.15.20.0-204.15.23.255 --dport 443 -j REJECT --reject-with tcp-reset
iptables -t filter -I FORWARD -s 192.168.0.0/24 -m tcp -p tcp -m iprange --dst-range 66.220.144.0-66.220.159.255 --dport 80 -j REJECT --reject-with tcp-reset
iptables -t filter -I FORWARD -s 192.168.0.0/24 -m tcp -p tcp -m iprange --dst-range 69.171.220.0-69.171.234.255 --dport 80 -j REJECT --reject-with tcp-reset
iptables -t filter -I FORWARD -s 192.168.0.0/24 -m tcp -p tcp -m iprange --dst-range 69.63.176.0-69.63.191.255 --dport 80 -j REJECT --reject-with tcp-reset
iptables -t filter -I FORWARD -s 192.168.0.0/24 -m tcp -p tcp -m iprange --dst-range 204.15.20.0-204.15.23.255 --dport 80 -j REJECT --reject-with tcp-reset

Pretty simple, eh?

Update 1.4.2012:
Registered Facebook subnets (ARIN)
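
The same policy as a single re-runnable ruleset, added here as an example and not part of the original post: the four destination ranges go into one user chain, and a single FORWARD rule sends ports 80 and 443 from the LAN to it. The chain name FB_BLOCK and the function names are assumptions; the subnet and ranges are the ones listed above.

```shell
#!/bin/sh
# Added example (not from the original post): the eight rules above as one
# user chain plus a single hook rule, safe to run more than once.

LAN="192.168.0.0/24"      # source subnet used in the post
CHAIN="FB_BLOCK"          # hypothetical chain name (assumption)

# Destination ranges exactly as listed in the post, one per line.
FB_RANGES="66.220.144.0-66.220.159.255
69.63.176.0-69.63.191.255
69.171.220.0-69.171.234.255
204.15.20.0-204.15.23.255"

# Print an iptables-restore fragment holding one REJECT rule per range.
# "-p tcp" is repeated in every rule because tcp-reset is only accepted
# on rules that match TCP.
fb_ruleset() {
    printf '%s\n' "*filter" ":$CHAIN - [0:0]"
    for range in $FB_RANGES; do
        printf '%s\n' "-A $CHAIN -p tcp -m iprange --dst-range $range -j REJECT --reject-with tcp-reset"
    done
    printf '%s\n' "COMMIT"
}

# Load the chain in one atomic commit, then hook it into FORWARD once.
# With --noflush, declaring the user chain empties only that chain, so a
# second run replaces its contents instead of stacking duplicates.
fb_apply() {
    fb_ruleset | iptables-restore --noflush || return 1
    set -- FORWARD -s "$LAN" -p tcp -m multiport --dports 80,443 -j "$CHAIN"
    # -C checks whether the hook rule already exists; insert only if it does not.
    iptables -C "$@" 2>/dev/null || iptables -I "$@"
}

# Default is a dry run that only prints the fragment; "apply" needs root.
if [ "${1:-}" = "apply" ]; then
    fb_apply
else
    fb_ruleset
fi
```

Run it without arguments to review the generated fragment, and with `apply` as root to install it; `iptables -L FB_BLOCK -n -v` then shows per-range hit counters.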
