firewalld rule to block url

vinmansbrew · 03-21-2024, 04:53 PM

Rhel 7.9 using firewalld
I know how to block IPs, what I'd like to do is block a url. For example compute-1.amazonaws.com, so that anything from that address gets blocked.

Is there a way to do this, without camping netstat and blocking every IP I see from the address?

I haven't found anything that seems to reference doing this.

Thanks

mw.decavia · 03-21-2024, 06:48 PM

Yes, there is a way. At least two ways that I can think of.

(1) Use "pi hole", which is not just for Raspberry pi anymore.

(2) Set your machine (or lan) up with a caching dns server, in which you define unwanted hosts/domains like "compute-1.amazonaws.com" to have a particular -reserved- ip-address like (192.0.0.1) and then you have firewalld block (192.0.0.1)

Quote:

Originally Posted by vinmansbrew

Rhel 7.9 using firewalld
I know how to block IPs, what I'd like to do is block a url. For example compute-1.amazonaws.com, so that anything from that address gets blocked.

Is there a way to do this, without camping netstat and blocking every IP I see from the address?

I haven't found anything that seems to reference doing this.

Thanks

vinmansbrew · 03-22-2024, 10:00 AM

Two sounds like some extra work. I think I'll check out pi hole first!

friendlysalmon8827 · 04-04-2024, 07:33 AM

For one I do believe that RHEL 7 series is coming it's end of life,so I'd recommend the the OP consider looking into RHEL 8.9 or 9.x series of RHEL.