How to create a firewall rule, to block a website for a particular user?

0

0

Can anybody help me make a firewall rule to block a particular website for a particular user? I have a Linux operating system and am trying to make that OS act like a firewall.

sumith ps

Posted 2017-10-13T07:19:41.217

Reputation: 11

Question was closed 2017-10-14T03:08:09.530

4 This question is very broad, and is ill-suited for the format on SuperUser. Do some research of your own and come back with specific questions. – mtak – 2017-10-13T07:33:59.613

1 You tagged "firewalld". Are you using that solution? – marsh-wiggle – 2017-10-13T09:40:51.697

Answers

1

You can't easily block a website for a particular user - particularly not using just a firewall. What you could do - assuming the Linux box is acting as a router - is block an IP address from reaching another IP address.

You can map the user's machine to a fixed IP address by dynamically assigning a static IP address, and you may be able to add a rule blocking that "from" address from the destination domain's "to" address - although there may be some fallout, and it can be worked around by the user changing their MAC address or statically assigning themselves a different "from" address.

You could also force everyone through a proxy, and require they log in to the proxy and then use the proxy to do the block. Hard, messy, breaks https.

davidgo

Posted 2017-10-13T07:19:41.217

Reputation: 49 152

Though you can of course add SSL interception to your proxy setup. If you install a certificate to the client devices, that will fix SSL breakage. – DMCoding – 2018-11-23T22:40:43.520

@dmcoding absolutely (and as per my answer), but that won't identify the user and assumes a proxy setup - which breaks https even when you install a cert. (It can still work, but I've seen interesting negotiation errors in this kind of setup.) You still need a way to uniquely identify the user. – davidgo – 2018-11-23T22:45:57.110
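
The approach in davidgo's answer (pin the user's machine to a fixed address, then block that source address from the site's addresses on the forwarding box), as an added example that is not part of the original answer or comments. It only prints the configuration lines and applies nothing; the use of dnsmasq for DHCP and iptables for filtering, and every MAC and IP address shown, are assumptions.

```shell
#!/bin/sh
# Added example: prints (does not apply) a DHCP reservation and FORWARD rules.
# Assumes dnsmasq hands out leases and iptables filters on the Linux router.

# Succeed only for a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots into this function's own parameters
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Succeed only for a colon-separated MAC address such as 52:54:00:12:34:56.
is_mac() {
    h='[0-9A-Fa-f][0-9A-Fa-f]'
    case "$1" in
        $h:$h:$h:$h:$h:$h) return 0 ;;
        *) return 1 ;;
    esac
}

# Print a dnsmasq line that always leases IP to MAC (the "fixed" address).
dhcp_reservation() {     # usage: dhcp_reservation MAC IP
    is_mac "$1" && is_ipv4 "$2" || { echo "bad MAC or IP" >&2; return 1; }
    printf 'dhcp-host=%s,%s\n' "$1" "$2"
}

# Print one rule per site address; the firewall matches addresses, not names,
# so the site's current addresses must be supplied and kept up to date.
block_rules() {          # usage: block_rules USER_IP SITE_IP...
    src=$1; shift
    is_ipv4 "$src" || { echo "bad source: $src" >&2; return 1; }
    [ "$#" -gt 0 ] || { echo "no destination addresses" >&2; return 1; }
    for dst in "$@"; do
        is_ipv4 "$dst" || { echo "bad destination: $dst" >&2; return 1; }
        printf 'iptables -I FORWARD -s %s -d %s -j REJECT\n' "$src" "$dst"
    done
}

# Constructed sample values (site addresses from documentation ranges).
dhcp_reservation "52:54:00:12:34:56" "192.168.1.50"
block_rules "192.168.1.50" "203.0.113.10" "203.0.113.11"
```

Because the rules match only addresses, any other site hosted on the same destination address is blocked as well, which is one form of the fallout the answer mentions.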