2.8. Blocking Access to a Remote Host

Problem

You want to block outgoing traffic to a particular host.

Solution

To block all access:

For iptables:

# iptables -A OUTPUT -d remote_IP_address -j REJECT

For ipchains:

# ipchains -A output -d remote_IP_address -j REJECT

To block a particular service, such as a remote web site:

For iptables:

# iptables -A OUTPUT -p tcp -d remote_IP_address --dport www -j REJECT

For ipchains:

# ipchains -A output -p tcp -d remote_IP_address --dport www -j REJECT

Discussion

Perhaps you’ve discovered that a particular web site has malicious content on it, such as a trojan horse. This recipe will prevent all of your users from accessing that site. (We don’t consider “redirector” web sites, such as http://www.anonymizer.com, which would get around this restriction.)
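The Solution's rules use -A, which appends another copy of the rule each time the command is repeated. The following added example (not from the book) wraps both forms of the iptables rule in a script that checks for the rule with iptables -C before appending it. The IPv4-only address check, the function names, the IPTABLES override variable and the address 192.0.2.10 are assumptions made for the example.

```shell
#!/bin/sh
# Added example: idempotent wrapper around the recipe's REJECT rules.
IPTABLES=${IPTABLES:-iptables}   # assumption: override with a stub to dry-run

# Succeeds only for a dotted-quad IPv4 address with every octet in 0..255.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                    # split the address on dots
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Prints the recipe's rule: all traffic to the host, or one TCP service
# when a port number or service name (e.g. www) is given as $2.
rule_spec() {
    valid_ipv4 "$1" || { echo "bad address: $1" >&2; return 2; }
    case ${2:-} in
        '') echo "OUTPUT -d $1 -j REJECT" ;;
        *[!A-Za-z0-9_-]*) echo "bad port: $2" >&2; return 2 ;;
        *)  echo "OUTPUT -p tcp -d $1 --dport $2 -j REJECT" ;;
    esac
}

# Appends the rule only when an identical one is not already in OUTPUT.
block_host() {
    spec=$(rule_spec "$@") || return $?
    # -C exits 0 if the rule exists, so re-running adds no duplicates.
    $IPTABLES -C $spec 2>/dev/null || $IPTABLES -A $spec
}

# Usage as root: sh block-host.sh 192.0.2.10 www   (constructed address)
if [ $# -gt 0 ]; then block_host "$@"; fi
```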

See Also

iptables(8), ipchains(8).
