4

Is there any tool/application that I can use to block hosts from all forms of connection from my computer? Currently I use /etc/hosts and place the absolute host like this:

127.0.0.1 unix.stackexchange.com
127.0.0.1 www.unix.stackexchange.com

But with regex it would be easier to something like this

127.0.0.1 .*stackexchange.*

Which would block everything with stackexchangein the url.

DisplayName
  • 11,468
  • 20
  • 73
  • 115
  • Do you want to block output or input only or both? – slm Nov 26 '14 at 18:13
  • @slm Output i guess, or both. – DisplayName Nov 26 '14 at 18:16
  • Related: [Blocking Websites with /etc/hosts](http://unix.stackexchange.com/questions/127766/blocking-websites-with-etc-hosts/127769#127769) as well as this: [Block a certain URL?](http://unix.stackexchange.com/questions/169218/block-a-certain-url/169234#169234) – slm Nov 26 '14 at 18:20
  • Are you looking for something like [this](http://www.thegeekstuff.com/2010/09/squid-control-internet-access/)? I see you could use regex with *squid*. – Ramesh Nov 26 '14 at 18:26
  • Using the post that @Ramesh provides above + [this one that shows how to setup transparent proxying w/ Squid](http://www.cyberciti.biz/tips/linux-setup-transparent-proxy-squid-howto.html) is likely going to give you what you want. – slm Nov 26 '14 at 18:33

2 Answers2

-1

Determine ASN

whois -h whois.radb.net `dig +short stackoverflow.com`

Manage Traffic

for ip in `whois -h whois.radb.net '!gAS25791' | grep /`
do
    iptables -A -s $IP -j DROP
done
earthmeLon
  • 1,150
  • 1
  • 8
  • 17
-1

As for hassle-free solutions, many use fail2ban: http://www.fail2ban.org/

Rules can be customised, see http://www.fail2ban.org/wiki/index.php/Commands

set <JAIL> addfailregex <REGEX>

Nemo
  • 522
  • 1
  • 11
  • 23