0

I want to run many snippets of untrusted and unknown code on an Ubuntu machine hosted on Digital Ocean. For safety reasons, I would like to record and block any external calls made by any of the code snippets. I'm sure this is a very basic question but I did some cursory searching and am not sure how to do it. I'm sure there must be a standard Unix way. I need to be able to SSH to the box, but that's it. I want to turn external connections back on after I'm done testing.

I realize there are many concerns regarding running untrusted code beyond external http calls. But this is the aspect I want to focus on in this question.

1 Answer

2

Found a post on SuperUser showing how to do this with iptables: https://superuser.com/questions/923512/how-can-i-block-all-outbound-connections

In addition, Digital Ocean offers cloud firewalls: https://www.digitalocean.com/docs/networking/firewalls/

It ended up being very easy to configure a firewall as shown above.

(I promise I'm not a Digital Ocean representative in disguise.)
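
An added example (not part of the original answer or the linked SuperUser post) of the iptables approach applied to the question's requirements: log and drop outbound traffic, keep SSH working, and undo it afterwards. The chain name `EGRESS_LOCK`, the log prefix, the script name, and sshd on port 22 are assumptions; it also assumes you SSH in over IPv4, since all IPv6 egress other than sshd replies is dropped.

```shell
#!/bin/sh
# Added example: log, then drop, all outbound traffic except loopback and
# replies from sshd. Applying the rules requires root.
CHAIN=EGRESS_LOCK             # hypothetical chain name
SSH_PORT=22                   # assumption: sshd listens on the default port
LOG_PREFIX="EGRESS-BLOCKED: " # hypothetical log prefix

# Print the commands that build the chain. $1 is iptables or ip6tables.
# The jump from OUTPUT is installed last, so a failure part-way through
# never leaves a half-built chain in the packet path.
lock_rules() {
    ipt=${1:-iptables}
    cat <<EOF
$ipt -N $CHAIN
$ipt -A $CHAIN -o lo -j ACCEPT
$ipt -A $CHAIN -p tcp --sport $SSH_PORT -m conntrack --ctstate ESTABLISHED -j ACCEPT
$ipt -A $CHAIN -j LOG --log-prefix "$LOG_PREFIX" --log-uid
$ipt -A $CHAIN -j DROP
$ipt -I OUTPUT 1 -j $CHAIN
EOF
}

# Print the commands that undo lock_rules and leave other rules untouched.
unlock_rules() {
    ipt=${1:-iptables}
    cat <<EOF
$ipt -D OUTPUT -j $CHAIN
$ipt -F $CHAIN
$ipt -X $CHAIN
EOF
}

# Usage: sh egress-lock.sh lock|unlock|show   (no argument does nothing)
case "${1:-}" in
    lock)   { lock_rules iptables; lock_rules ip6tables; } | sh -e ;;
    unlock) { unlock_rules iptables; unlock_rules ip6tables; } | sh ;;
    show)   lock_rules iptables; lock_rules ip6tables ;;
esac
```

Blocked attempts show up in the kernel log (`journalctl -k` or `dmesg`) with the prefix and the UID of the process that sent the packet. The rules are not persistent, so a reboot also clears them.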