Blocking social networks using iptables

Once on one of the NAT servers I needed to block some sites.

If the sites are located on several IP addresses, then you need to find out these ranges of IP addresses, for example, look for VKontakte on bgp.he.net, for example, a list of subnets for one of the AS belonging to VK “http://bgp.he.net/AS47541#_prefixes”.

When networks or hosts are known, add rules for them in iptables, for example:

/sbin/iptables -A FORWARD -s 87.240.128.0/18 -j DROP
/sbin/iptables -A FORWARD -s 95.142.192.0/20 -j DROP

Thus, we prohibit the passage of the traffic of these networks through the server.

See also my articles:
Blocking social networks on Cisco
Blocking social networks on Mikrotik routers

Подписаться на IT Blog (RU) по Email
Subscribe to IT Blog (EN) by Email

Did my article help you? How about buying me a cup of coffee as an encouragement? Buy me a coffe.

Leave a Reply