How to block outgoing URL calls with iptables on Linux
Oct 26, 2021
iptables is a command-line firewall utility that uses policy chains to allow or block traffic. When a connection tries to establish itself on your system, iptables looks for a rule in its list to match it to. If it doesn’t find one, it resorts to the default action.
For this in particular, you’ll need a kernel compiled with Netfilter “String match support” enabled.
iptables -A OUTPUT -p tcp -m string --string "/webnus.net/plugin-api/verify" --algo kmp -j REJECT --reject-with tcp-reset
iptables -A OUTPUT -p tcp -m string --string "/webnus.net/addons-api/verify" --algo kmp -j REJECT --reject-with tcp-reset
-A OUTPUT: Appends a rule targeting the outgoing calls.
-p tcp: Use the tcp protocol for the rule to do its checks.
-m string --string "PATTERN" --algo kmp:
  -m string: Use the match module with the string selector.
  --string "PATTERN": Match the given pattern.
  --algo kmp: Use the KMP algorithm to do the string matching. You can read more about it here.
-j REJECT --reject-with tcp-reset: Connection reset. Instead of dropping the packet with -j DROP, we can reject it and immediately close the connection with -p tcp -j REJECT --reject-with tcp-reset.
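The string match inspects each packet's bytes on its own, so a rule fires only when the whole pattern sits contiguously inside one packet. The sketch below is an added example, not kernel or project code: it models that per-packet KMP search in Python over constructed payloads, with hypothetical function names, to check what the pattern from the rule above does and does not catch.

```python
# Added example: models per-packet KMP substring matching (as -m string
# --algo kmp does) over constructed payloads. Function names are hypothetical.

def kmp_table(pattern: bytes) -> list:
    """Failure table: longest proper prefix of pattern[:i+1] that is also its suffix."""
    table = [0] * len(pattern)
    k = 0
    for i in range(1, len(pattern)):
        while k and pattern[i] != pattern[k]:
            k = table[k - 1]
        if pattern[i] == pattern[k]:
            k += 1
        table[i] = k
    return table

def kmp_find(payload: bytes, pattern: bytes) -> int:
    """Return the offset of the first match in payload, or -1."""
    if not pattern:
        return 0
    table, k = kmp_table(pattern), 0
    for i, byte in enumerate(payload):
        while k and byte != pattern[k]:
            k = table[k - 1]
        if byte == pattern[k]:
            k += 1
        if k == len(pattern):
            return i - k + 1
    return -1

def rule_hits(packets: list, pattern: bytes) -> bool:
    """A rule fires if any single packet contains the pattern (no reassembly)."""
    return any(kmp_find(p, pattern) >= 0 for p in packets)

PATTERN = b"/webnus.net/plugin-api/verify"  # pattern from the rule on this page

# Constructed payloads (not captured traffic):
ORIGIN_FORM = [b"GET /plugin-api/verify HTTP/1.1\r\nHost: webnus.net\r\n\r\n"]
ABSOLUTE_FORM = [b"GET http://webnus.net/plugin-api/verify HTTP/1.1\r\n"
                 b"Host: webnus.net\r\n\r\n"]
SPLIT = [b"GET http://webnus.net/plu", b"gin-api/verify HTTP/1.1\r\n\r\n"]

if __name__ == "__main__":
    for name, pkts in [("origin-form", ORIGIN_FORM),
                       ("absolute-form", ABSOLUTE_FORM),
                       ("split across segments", SPLIT)]:
        print(f"{name:24} rule fires: {rule_hits(pkts, PATTERN)}")
```

A request that carries the path on the request line and the host in a separate Host header does not contain the combined pattern, and neither does a pattern split across two TCP segments. HTTPS payloads are encrypted on the wire, so no plaintext pattern matches them.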
Alternatively, and for extra cookie points, you can always block all outgoing connections and whitelist only the ones that are OK with you.
Have a read here if you want to know more.