I forgot to CC the list last time - I've updated my old post about blocking Agoga with a screenshot as the order is important and easier to show than to explain:

http://www.soggyblogger.com/blog/2007/11/avoiding-agoga.html

And yes, reject is faster than drop for instances like this.

On Thu, Oct 8, 2009 at 3:50 PM, Rendra Basuki <rbasuki at gdincorporation dot com> wrote:
> Can you tell me more specifically on how to do what you did with agoga? I
> set the reject rule on m0n0wall and set the source as any and the protocol
> as TCP and the destination as single address (the agoga's IP).
>
> Am I missing anything?
>
> Thanks
> Rendra
>
> -----Original Message-----
> From: Albert Lash [mailto:albert dot lash at gmail dot com]
> Sent: Friday, October 09, 2009 1:31 AM
> To: rbasuki at gdincorporation dot com
> Subject: Re: [m0n0wall] How to block a certain website with m0n0wall?
>
> On Thu, Oct 8, 2009 at 2:01 PM, GD Incorporation
> <rbasuki at gdincorporation dot com> wrote:
>> Dear all m0n0wallers
>>
>> Can you tell me how to block certain web sites from being accessed by
>> the users. I tried to id the IP address of the DNS servers of the web
>> sites and put them in the Firewall Rules under block and they are still
>> accessible. Then I found a forum that says that reject works faster
>> and better, so I tried reject.
>>
>> On one computer it works, but on another computer (that has pass
>> through mac) it does not work. Can you tell me what to do to make the
>> filter 100% working?
>>
>> Thanks
>> Rendra
>>
>>
>
> Hi,
>
> I did the same as you to block agoga:
>
> http://www.soggyblogger.com/blog/2007/11/avoiding-agoga.html
>
> and it worked fine for just my computer.
>
> Not sure about the pass through MAC. Is the MAC address getting passed
> through to or from the firewall? Do you have a DMZ setup giving the machine
> a public IP address? You'll have to handle http proxies, too.
>
> Another option which is employed for blocking single host names is to
> override the DNS settings, pointing avoid.me.example.com to 127.0.0.1.