วันจันทร์ที่ 12 ธันวาคม พ.ศ. 2554

block เวบด้วย iptables

block เวบด้วย iptables จากท่าน linuxtoy

# vi /etc/rc.d/rc.firewall.local
# Drop TCP traffic addressed to facebook.com / www.facebook.com on the ports
# listed in the original post, first in nat/PREROUTING and then in FORWARD.
# -I inserts at the head of the chain, so the rules end up in reverse order of
# insertion; every rule is a DROP on a distinct match, so order is irrelevant.
#
# Points to check before relying on these rules:
# - iptables resolves a hostname passed to -d once, when the rule is added,
#   and stores only the addresses returned at that moment. Addresses the site
#   uses later, or returns to other resolvers, are not covered, and the rule
#   cannot be added at all if DNS is unavailable when this file runs.
# - NOTE(review): newer iptables releases refuse -j DROP in the nat table
#   (it is not meant for filtering). If the PREROUTING commands error out,
#   only the FORWARD rules are in effect, and FORWARD does not see traffic
#   that a PREROUTING REDIRECT/DNAT hands to a local proxy; confirm which
#   path client traffic takes on this gateway.
# - NOTE(review): 445/tcp is the SMB port, not a web port; possibly a typo
#   in the original list. Confirm intent.
# - These are IPv4 rules; clients with IPv6 connectivity are unaffected
#   unless equivalent ip6tables rules exist.
for fb_host in facebook.com www.facebook.com; do
  for fb_port in 80 443 445; do
    iptables -t nat -I PREROUTING -p tcp -d "$fb_host" --dport "$fb_port" -j DROP
  done
done

for fb_host in facebook.com www.facebook.com; do
  for fb_port in 80 443 445; do
    iptables -I FORWARD -p tcp -d "$fb_host" --dport "$fb_port" -j DROP
  done
done

# vi /etc/rc.local
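# Install blocking ("reject") host routes so that route lookups for these
# destinations fail on this machine.
#
# The original list named 69.171.229.11 twice. It is listed once here: a
# second add for the same host fails because the route already exists, and
# that failure would abort an rc.local that runs under `sh -e`.
#
# Points to check before relying on this list:
# - The literal addresses are the ones published in the post (dated
#   December 2011). They are a point-in-time snapshot, so verify them
#   against current DNS before reuse; stale entries block nothing useful.
# - The two hostname entries are resolved when the command runs, so they
#   depend on DNS being reachable at that point in boot and cover only the
#   address resolved then.
# - IPv4 only; IPv6 destinations are not affected.
for fb_addr in \
  66.220.149.18 \
  69.171.228.1 \
  69.171.224.13 \
  69.171.224.14 \
  69.171.229.11 \
  69.63.181.15 \
  69.171.224.12 \
  69.171.224.11 \
  66.220.158.11 \
  66.220.149.11 \
  69.171.242.11 \
  www.facebook.com \
  facebook.com; do
  /sbin/route add -host "$fb_addr" reject
done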