IPTABLES to block sites on browser

1

I am trying to block a specific IP address from being accessed using the browser on my system. I added a simple rule as below

iptables -A OUTPUT -d <IP> -j DROP

The site gets blocked on the command line, i.e. ping, nmap etc. But when I try to access the IP using the browser it is getting connected. I don't have any extra rules in my iptables. May I know what is wrong with this? I am running Ubuntu 12.04.

PaulDaviesC

Posted 2013-08-09T04:58:09.370

Reputation: 141

Answers

0

This will most likely be happening for one of two reasons.

The more likely reason is that there is a rule in the table specifically allowing access to port 80 which is matched before this rule. If this is the case you can "insert" the rule at the top of the table rather than "append" it, with the following line

iptables -I OUTPUT -d <IP> -j DROP

Alternatively (and less likely), if you have issued this command on a Linux box acting as a router, and the browser is on a computer connected through the box, you need to use the FORWARD chain rather than the OUTPUT chain

iptables -I FORWARD -d <IP> -j DROP

davidgo

Posted 2013-08-09T04:58:09.370

Reputation: 49 152

Neither of them is the case. iptables -L does not show any rules and to ensure that it is empty I issued iptables -F. I am trying it on the same computer too. – PaulDaviesC – 2013-08-09T11:43:38.357

@PaulDC I wonder if there is some kind of proxy configured so the traffic is not going directly to the site in question. My next step would be to fire up tcpdump and try and browse the site and see where the traffic is going. – davidgo – 2013-08-09T19:55:48.807
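The two points raised above, rule order (-A versus -I) and traffic that never carries the blocked IP as its destination because it goes to a proxy, both come down to iptables evaluating a chain top to bottom and stopping at the first rule that matches. The following is an added example, not code from the question or the answer: it walks a chain written in the format `iptables -S OUTPUT` prints, with first-match semantics, over a constructed chain and constructed packets. The addresses (203.0.113.10 for the site, 10.0.0.1:3128 for a proxy) and the pre-existing `--dport 80 -j ACCEPT` rule are assumptions made up for the demonstration.

```python
"""Walk an iptables chain with first-match semantics (added example).

Shows why `-A` (append) and `-I` (insert at the top) give different
verdicts when an earlier rule already accepts browser traffic, and why a
DROP on the site's IP never fires when the browser talks to a proxy.
Rules use the format `iptables -S OUTPUT` prints; the chain contents,
addresses and packets below are constructed, not taken from a real host.
"""
import ipaddress
import shlex


def parse_rule(line):
    """Parse one `iptables -S` line into a match dict.

    Handles the subset used here: -P (chain policy), -A, -d, -p, --dport, -j.
    """
    toks = shlex.split(line)
    if toks[0] == "-P":                      # e.g. "-P OUTPUT ACCEPT"
        return {"policy": toks[2]}
    rule = {"dst": None, "proto": None, "dport": None, "target": None}
    i = 2                                    # toks[0] is "-A", toks[1] the chain name
    while i < len(toks):
        flag = toks[i]
        arg = toks[i + 1] if i + 1 < len(toks) else None
        if flag == "-d":
            rule["dst"] = ipaddress.ip_network(arg, strict=False)
        elif flag == "-p":
            rule["proto"] = arg
        elif flag == "--dport":
            rule["dport"] = int(arg)
        elif flag == "-j":
            rule["target"] = arg
        i += 2
    return rule


def matches(rule, pkt):
    """True if every criterion the rule specifies matches the packet."""
    if rule["dst"] is not None and ipaddress.ip_address(pkt["dst"]) not in rule["dst"]:
        return False
    if rule["proto"] is not None and rule["proto"] != pkt["proto"]:
        return False
    if rule["dport"] is not None and rule["dport"] != pkt.get("dport"):
        return False
    return True


def first_match(chain, pkt):
    """Return (rule_number, target); rule_number 0 means the chain policy applied."""
    policy = "ACCEPT"
    num = 0
    for line in chain:
        rule = parse_rule(line)
        if "policy" in rule:
            policy = rule["policy"]
            continue
        num += 1
        if matches(rule, pkt):
            return num, rule["target"]
    return 0, policy


def iptables_A(chain, rule):
    """Model `iptables -A`: the rule goes last and is only reached if nothing above matched."""
    return chain + [rule]


def iptables_I(chain, rule):
    """Model `iptables -I` with no position: the rule becomes rule 1."""
    policy_lines = [l for l in chain if l.startswith("-P")]
    rule_lines = [l for l in chain if not l.startswith("-P")]
    return policy_lines + [rule] + rule_lines


SITE = "203.0.113.10"   # constructed: the IP the question wants blocked
PROXY = "10.0.0.1"      # constructed: a proxy the browser might be configured to use
DROP_RULE = "-A OUTPUT -d %s/32 -j DROP" % SITE

# Constructed chain: a pre-existing rule that lets all web traffic out (answer's case 1).
EXISTING = ["-P OUTPUT ACCEPT", "-A OUTPUT -p tcp --dport 80 -j ACCEPT"]
# Constructed chain after `iptables -F`: policy only, no rules (the questioner's situation).
FLUSHED = ["-P OUTPUT ACCEPT"]

PING = {"dst": SITE, "proto": "icmp"}
BROWSER = {"dst": SITE, "proto": "tcp", "dport": 80}
VIA_PROXY = {"dst": PROXY, "proto": "tcp", "dport": 3128}   # browser -> proxy, site IP never appears


def verdicts(chain):
    """Verdict for each constructed packet against the given chain."""
    return {name: first_match(chain, pkt)[1]
            for name, pkt in (("ping", PING), ("browser", BROWSER), ("browser_via_proxy", VIA_PROXY))}


if __name__ == "__main__":
    for label, chain in (("existing rule, -A", iptables_A(EXISTING, DROP_RULE)),
                         ("existing rule, -I", iptables_I(EXISTING, DROP_RULE)),
                         ("flushed chain, -A", iptables_A(FLUSHED, DROP_RULE))):
        print("%-18s %s" % (label, verdicts(chain)))
```

With the pre-existing ACCEPT rule, appending the DROP blocks ping but not the browser, and inserting it blocks both; on a flushed chain both are blocked either way, yet the proxied connection is accepted in every case because its destination is the proxy, not the site. On the real host the chain to feed in is `sudo iptables -S OUTPUT`, and `sudo tcpdump -n -i any host <IP>` while browsing shows whether any packet to the site's IP is leaving the box at all; if none is, check the browser's own proxy settings rather than the firewall.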