[SATLUG] Blocking with iptables, even if the hostname won't resolve

David Salisbury david.salisbury at momentumweb.com
Tue May 11 14:14:35 CDT 2010


But I don't think I can block whole domains with iptables, right?  Like, 
if I block the site below, that will just block THAT site (that IP) and 
not any "under it", isn't that correct?  I so far haven't been able to 
find a way to do it with iptables (block an entire domain), at least.  
I'll look at that string match a little more closely, but I read some 
forums that said it basically didn't match the string of the domain 
name, but rather information in the headers (which potentially wouldn't 
include the actual name).  But I didn't check that myself so I'll dig a 
little more.  Thanks for the suggestions, guys!
David

On 5/11/2010 1:06 PM, Jeremy Mann wrote:
> David, for now I would block the entire domain, netvisio.net:
> Non-authoritative answer:
> Name:   netvisio.net
> Address: 212.116.158.139
>    


More information about the SATLUG mailing list