Re: [arch-general] Iptables block https traffic apache

2016-11-04 Thread Travis Collins via arch-general 
On Fri, Nov 4, 2016 at 7:12 AM Maykel Franco via arch-general <
arch-general@archlinux.org> wrote:

> How can block in apache? The traffic enter anyway...what I want is
> that the requests do not enter? the apache does not process?
>

>From your description, it sounds like you want to block incoming traffic,
but your iptables rule is attempting to stop traffic leaving the Apache
box. Could you clarify this?

If you are trying to only serve content to other machines on your home
network, and block all incoming traffic from the world, you may want to
DROP input by default, and whitelist the IP range(s) you want to allow, in
this case your home network.

You could also set up ip filtering at the router, if it supports that.

Re: [arch-general] Iptables block https traffic apache

2016-11-04 Thread Maykel Franco via arch-general 
2016-11-04 12:09 GMT+01:00 Björn Fries via arch-general
:
> As the traffic is encrypted, iptables cannot analyse it. Apache must be the
> one who blocks here.
>
>
> On 2016-11-04 12:07, Maykel Franco via arch-general wrote:
>>
>> Hi, I have configured apache + php + mysql in my house. I like block
>> the specific url traffic over https...
>>
>> I found this:
>>
>> iptables -A OUTPUT -p tcp --sport 443 -m string --string "anything"
>> --algo kmp -j REJECT
>>
>> But not works... With http works very well...
>>
>> Any ideas??
>>
>> Thanks in advanced.
>>
>

How can block in apache? The traffic enter anyway...what I want is
that the requests do not enter? the apache does not process?

Re: [arch-general] Iptables block https traffic apache

2016-11-04 Thread Björn Fries via arch-general 
As the traffic is encrypted, iptables cannot analyse it. Apache must be 
the one who blocks here.


On 2016-11-04 12:07, Maykel Franco via arch-general wrote:

Hi, I have configured apache + php + mysql in my house. I like block
the specific url traffic over https...

I found this:

iptables -A OUTPUT -p tcp --sport 443 -m string --string "anything"
--algo kmp -j REJECT

But not works... With http works very well...

Any ideas??

Thanks in advanced.

[arch-general] Iptables block https traffic apache

2016-11-04 Thread Maykel Franco via arch-general 
Hi, I have configured apache + php + mysql in my house. I like block
the specific url traffic over https...

I found this:

iptables -A OUTPUT -p tcp --sport 443 -m string --string "anything"
--algo kmp -j REJECT

But not works... With http works very well...

Any ideas??

Thanks in advanced.