You don't - not easily, at least. iptables allows you to configure rules by IP. Blocking e.g. *.youtube.com/* [to say nothing of aliases thereof] is hostname-based, not IP-based. And I would imagine, at a glance, that YouTube has a lot of IPs.

Your easiest answer would be to do HTTP proxying and filter it that way.

- Rich

On Thu, Oct 4, 2012 at 3:27 AM, vivek chalotra <vivekat...@gmail.com> wrote:
> Dear all,
>
> I have used the following ip table rules to implement gateway in my linux
> server:
>
> iptables --flush
> iptables --table nat --flush
> iptables --delete-chain
> iptables --table nat --delete-chain
> iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
> iptables --append FORWARD --in-interface eth1 -j ACCEPT
> echo 1 > /proc/sys/net/ipv4/ip_forward
> iptables-save
>
> And now I want to block youtube on my network. Kindly suggest iptable rules
> to do that. My server has two Ethernet cards, eth0 is external network and
> eth1 is for local LAN.
>
> Any help is appreciated
>
> Regards
>
> Vivek Chalotra
> GRID Project Associate,
> High Energy Physics Group,
> Department of Physics & Electronics,
> University of Jammu,
> Jammu 180006,
> INDIA.
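Added example, not part of the original thread: a sketch of the hostname-based decision a filtering forward proxy makes, which is the piece iptables cannot do by IP. It assumes clients are configured to use an explicit proxy; the function names and the alias list in `BLOCKED_SUFFIXES` are hypothetical and chosen for illustration.

```python
from urllib.parse import urlsplit

# Assumed blocklist for illustration: the site plus some alias domains.
# This list is not from the thread; set it according to local policy.
BLOCKED_SUFFIXES = ("youtube.com", "youtu.be", "googlevideo.com")


def requested_host(request_line: str) -> str:
    """Return the lowercase hostname named in a forward-proxy request line.

    Handles 'GET http://host/path HTTP/1.1' (absolute-form) and
    'CONNECT host:port HTTP/1.1' (authority-form, used for HTTPS tunnels).
    """
    parts = request_line.split()
    if len(parts) != 3:
        raise ValueError("malformed request line")
    method, target, _version = parts
    if method.upper() == "CONNECT":
        # Prefix '//' so urlsplit treats 'host:port' as a network location.
        host = urlsplit("//" + target).hostname
    else:
        host = urlsplit(target).hostname
    if not host:
        raise ValueError("no hostname in request target")
    return host.lower().rstrip(".")  # 'YouTube.com.' -> 'youtube.com'


def is_blocked(host: str, suffixes=BLOCKED_SUFFIXES) -> bool:
    """True if host equals a blocked domain or is a subdomain of one."""
    return any(host == s or host.endswith("." + s) for s in suffixes)


def decide(request_line: str) -> str:
    """Proxy decision for one request line: 'DENY' or 'ALLOW'."""
    try:
        return "DENY" if is_blocked(requested_host(request_line)) else "ALLOW"
    except ValueError:
        return "DENY"  # fail closed on requests the filter cannot parse


if __name__ == "__main__":
    # Constructed sample request lines, as a client would send to the proxy.
    for line in (
        "GET http://www.youtube.com/watch?v=x HTTP/1.1",
        "CONNECT m.youtube.com:443 HTTP/1.1",
        "GET http://notyoutube.com/ HTTP/1.1",
        "GET http://example.org/ HTTP/1.1",
    ):
        print(decide(line), line)
```

The match is on a dot-separated suffix, so `notyoutube.com` is allowed while any subdomain of a listed name is denied. The filter only sees traffic that actually goes through the proxy, so direct outbound web access from the LAN still has to be closed off at the gateway.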