Let's say we want to block access to the creatively named www.badsite.com.
I bet you've already configured DNS server to resolve the name in your router, if not
Router(config)# ip name-server 1.1.1.1 2.2.2.2
Router# ping www.techrepublic.com
Translating "www.techrepublic.com"...domain server (1.1.1.1) [OK]
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 216.239.113.101, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
Router#
To actually block the undesirable Web site, we need to create an access control list (ACL) to define exactly what we want to block. Here's an example:
Router(config)# access-list 101 deny tcp any host www.badsite.com eq www
Allow to all rather than above
Router(config)# access-list 101 permit tcp any any eq www
Check your access like in router
Router# sh run | inc access-list 101
access-list 101 deny tcp any host 66.116.109.62 eq www log <-- you can block by address and also using log to monitor with syslog. i.e Kiwi Syslog Server.
Subscribe to:
Post Comments (Atom)
-
ကကုသန္ဓော ကောဏဂမနော ကဿပေါ ဂေါတမော မုနိဆယ်ထား ဆယ်တော်မူမြတ်စွာဘုရား မေတ္တယျော ပဉ္စဗုဒ္ဓေါတေ သိသေမေသန္တ သဗ္ဗဒါ ဧတေသံ အာနုဘာဝေန ရက္ခဒေဝါ မဟိဒ္ဓ...
-
sudo systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target Created symlink /etc/systemd/system/sleep.target → /d...
-
1. install CentOS 4.4 (for me I'm using CentOS Mini 4.4, only 1 disc) 2. install nmap using yum (yum -y install nmap) 3. install etterca...
No comments:
Post a Comment