iptables config

Discussion in 'General Linux' started by TinaBaker, Nov 5, 2013.

  1. TinaBaker

    TinaBaker New Member

    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Hi there:

    I'd like to find a way to block or restrict web-pages without SSL where my password is sent as a plaintext in packets.

    Let's assume if I have the same password for all web-sites login, is it possible to set this filter up with iptables? if so, how?

    I am a new Linux user. :)

    Thank you for your help.:)

  2. TinaBaker

    TinaBaker New Member

    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    anyone knows? please help!
  3. nixsavy

    nixsavy Member

    Messages:
    65
    Likes Received:
    17
    Trophy Points:
    8
    You can set filter as below per website, Just replace "your.domain.com" with your website name but keep in mind that not every site supports https.

    Code:
    iptables -t filter -I INPUT -p tcp --dport 80 -m string --string your.domain.com --algo bm -j REJECT
    iptables -t filter -I OUTPUT -p tcp --dport 80 -m string --string your.domain.com --algo bm -j REJECT
  4. TinaBaker

    TinaBaker New Member

    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    I do not have a web-site.

    I'd like to block any web-site without a proper ssl that I visit via iptables.

    Is there a way to do it?
    Thank you.
  5. nixsavy

    nixsavy Member

    Messages:
    65
    Likes Received:
    17
    Trophy Points:
    8
    Then you can block web server port 80 in iptables because web server serves without SSL websites on port 80.

Share This Page