Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME 7.x Contribs
  4. Topic: How do I block domains/site?
« previous next »
Pages: [1]   Go Down

How do I block domains/site?

  • 7 Replies
  • 2171 Views

Offline turtle2472

  • ***
  • 72
  • +0/-0
How do I block domains/site?
« on: December 10, 2007, 03:25:02 AM »
I've search but to no avail.  I'm trying to block certain sites from my network and can't seem to figure it out.  Looking through the host names and domains section I'm not seeing what I am looking for.

Here is an example of what I'm trying to do, block my server from ever accessing "myspace.com", "spamadserver.com", etc. 

On my Linksys RV042 I can just list domains and it blocks them.  I am currently using OpenDNS and blocking some of them through that, however I would rather block them locally than though the DNS.  Thanks.

Logged

Offline mmccarn

  • *
  • 2,627
  • +10/-0
Re: How do I block domains/site?
« Reply #1 on: December 10, 2007, 05:30:08 AM »
You can control browser access to domains using http://wiki.contribs.org/SquidGuard or http://wiki.contribs.org/Dansguardian.

If you need to block other traffic beyond plain http you might be able to do something with http://wiki.contribs.org/P2p.

Lastly, you can block all traffic by IP address using the methods described in http://bugs.contribs.org/show_bug.cgi?id=2977.

I don't know of any easy, non-DNS way to use your SME to simply block all traffic to a specific website or domain. 

You should be able to block external domains pretty well by defining them in 'server-manager' and configuring them to 'resolve locally' - especially if you have the HTTP transparent proxy enabled.

Perhaps a combination of the last option (create fake virtual domains locally) and blocking all outbound DNS queries?


Logged

Offline turtle2472

  • ***
  • 72
  • +0/-0
Re: How do I block domains/site?
« Reply #2 on: December 10, 2007, 07:27:43 AM »
Thanks for the great ideas.  Those will work well in conjunction with OpenDNS.
Logged

Offline raem

  • *
  • 3,972
  • +4/-0
Re: How do I block domains/site?
« Reply #3 on: December 10, 2007, 07:55:09 AM »
turtle2472 & mmccarn

Quote
Lastly, you can block all traffic by IP address using the methods described in http://bugs.contribs.org/show_bug.cgi?id=2977.

...and that is in the Firewall wiki
http://wiki.contribs.org/Firewall#Block_outgoing_ports

Logged
...

Offline turtle2472

  • ***
  • 72
  • +0/-0
Re: How do I block domains/site?
« Reply #4 on: December 10, 2007, 05:43:57 PM »
Logged

srobinson

Re: How do I block domains/site?
« Reply #5 on: December 11, 2007, 03:31:07 AM »
Here’s how I block sites using SME 7.2.  I’m still new to Linux so the following may not be the best.

echo acl block url_regex \”/etc/squid/block.acl\” >/etc/e-smith/templates-custom/etc/squid/squid.conf/20ACL31block
echo http_access deny block >/etc/e-smith/templates-custom/etc/squid/squid.conf/40http_access21denyBlock
echo .myspace.com >/etc/e-smith/templates-custom/etc/squid/block.acl/10block
echo .spamadserver.com >>/etc/e-smith/templates-custom/etc/squid/block.acl/10block
/sbin/e-smith/expand-template /etc/squid/squid.conf
/sbin/e-smith/expand-template /etc/squid/block.acl
/sbin/service squid restart

If you want to change the list of blocked sites edit /etc/e-smith/templates-custom/etc/squid/block.acl/10block then enter the following:

/sbin/e-smith/expand-template /etc/squid/block.acl
/sbin/service squid restart

To remove the list, delete the custom templates and restart as follows:

rm /etc/e-smith/templates-custom/etc/squid/squid.conf/20ACL31block
rm /etc/e-smith/templates-custom/etc/squid/squid.conf/40http_access21denyBlock
rm /etc/e-smith/templates-custom/etc/squid/block.acl/10block
/sbin/e-smith/expand-template /etc/squid/squid.conf
/sbin/service squid restart

Logged

Offline tariqf

  • ****
  • 179
  • +0/-0
Re: How do I block domains/site?
« Reply #6 on: July 16, 2008, 01:19:28 AM »
thanks srobinson, just posting my slightly modified version which worked in sme 7.3 for me

mkdir -p /etc/e-smith/templates-custom/etc/squid/squid.conf
mkdir -p /etc/e-smith/templates-custom/etc/squid/block.acl
echo acl block url_regex ”/etc/squid/block.acl” >/etc/e-smith/templates-custom/etc/squid/squid.conf/20ACL31block
echo http_access deny block >/etc/e-smith/templates-custom/etc/squid/squid.conf/40http_access21denyBlock
echo .facebook.com >/etc/e-smith/templates-custom/etc/squid/block.acl/10block
echo .facebook.co.uk >>/etc/e-smith/templates-custom/etc/squid/block.acl/10block
/sbin/e-smith/expand-template /etc/squid/squid.conf
/sbin/e-smith/expand-template /etc/squid/block.acl
svc -d /service/squid
/sbin/service squid restart

If you want to change the list of blocked sites edit /etc/e-smith/templates-custom/etc/squid/block.acl/10block then enter the following:

/sbin/e-smith/expand-template /etc/squid/block.acl
svc -d /service/squid
/sbin/service squid restart


To remove the list, delete the custom templates and restart as follows:

rm /etc/e-smith/templates-custom/etc/squid/squid.conf/20ACL31block
rm /etc/e-smith/templates-custom/etc/squid/squid.conf/40http_access21denyBlock
rm /etc/e-smith/templates-custom/etc/squid/block.acl/10block
/sbin/e-smith/expand-template /etc/squid/squid.conf
svc -d /service/squid
/sbin/service squid restart
Logged

Offline byte

  • *
  • 2,183
  • +2/-0
Re: How do I block domains/site?
« Reply #7 on: July 16, 2008, 09:49:38 PM »
Moving this topic to the SME 7.x contribs forum, it is more appropriate there. Thanks!
Logged
--[byte]--

Have you filled in a Bug Report over @ http://bugs.contribs.org ? Please don't wait to be told this way you help us to help you/others - Thanks!
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME 7.x Contribs
  4. Topic: How do I block domains/site?