iptables config

Discussion in 'General Linux' started by TinaBaker, Nov 5, 2013.

  1. TinaBaker

    TinaBaker New Member

    Joined:
    Nov 5, 2013
    Messages:
    3
    Likes Received:
    0
    Hi there:

    I'd like to find a way to block or restrict web-pages without SSL where my password is sent as a plaintext in packets.


    Let's assume if I have the same password for all web-sites login, is it possible to set this filter up with iptables? if so, how?

    I am a new Linux user. :)

    Thank you for your help.:)
     
  2. TinaBaker

    TinaBaker New Member

    Joined:
    Nov 5, 2013
    Messages:
    3
    Likes Received:
    0
    anyone knows? please help!
     
  3. nixsavy

    nixsavy Member

    Joined:
    May 21, 2013
    Messages:
    65
    Likes Received:
    18
    You can set filter as below per website, Just replace "your.domain.com" with your website name but keep in mind that not every site supports https.

    Code:
    iptables -t filter -I INPUT -p tcp --dport 80 -m string --string your.domain.com --algo bm -j REJECT
    iptables -t filter -I OUTPUT -p tcp --dport 80 -m string --string your.domain.com --algo bm -j REJECT
     
  4. TinaBaker

    TinaBaker New Member

    Joined:
    Nov 5, 2013
    Messages:
    3
    Likes Received:
    0
    I do not have a web-site.

    I'd like to block any web-site without a proper ssl that I visit via iptables.

    Is there a way to do it?
    Thank you.
     
  5. nixsavy

    nixsavy Member

    Joined:
    May 21, 2013
    Messages:
    65
    Likes Received:
    18
    Then you can block web server port 80 in iptables because web server serves without SSL websites on port 80.
     

Share This Page