Ok, I understand and thank you very much.
the main reason is I need to block Google's domains, such as YouTube, and
Google Drive, as these have the same IP with different types of subdomain.
I can not do by proxy as this does not handle https ports, therefore you
have to be by shorewall.
And also mentioned that I can not block the IP of google let alone the
https port to block the Google Drive and youtube sites by 443.
If you have a better idea I could comment please ..
Greetings!
2012/7/11 Paul Gear <[email protected]>
> On 12/07/12 08:50, I.S.C. William wrote:
> > It is possible to block a site by domain name?
> >
> > for example:
> >
> > REJECT loc net:www.domin1.com <http://www.domin1.com> tcp
> 443
> > REJECT loc net:www.domin2.com <http://www.domin2.com> tcp
> 80
> >
> > It can be IP, but at the same wonder if you can just by domain name.
>
> You can do this, but it is not recommended because:
>
> 1. The name is resolved to an IP address on startup, and after that only
> the IP is used. So if the site changes addresses, this will become
> ineffective until you restart shorewall.
>
> 2. If you don't have working DNS resolution on startup, shorewall will
> fail to start.
>
> Because of this, you're much better off redirecting all browsing through
> a local proxy and blocking it there with squidGuard, Dan's Guardian, or
> something similar.
>
> Paul
>
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
--
I.S.C. William López Jiménez
--
User Linux # 379636
MSN [email protected]
Jabber [email protected]
Web: www.koalasoftmx.tk
Twitter: @koalasoft
Facebook: william.koalasoft
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
