iptables: block any.com for specific time &compare featu

Protecting your Linux box
farhanksa
Subedar
Posts: 359
Joined: Sun Nov 03, 2002 6:40 am
Location: Lahore

Post by farhanksa »

Hi,
I am mainly looking for iptables for blocking any.com for a specific time, and a comparison with Cisco IOS ACL.

I'm doing a slightly different implementation of iptables. What I want to do is block something.com for a specific time,
like blocking a specific web site during office hours and allowing it on the weekend.
But I don't want to add a separate rule for each web server of that web site. I just want to use the domain name so that it automatically covers all the web servers listed against it in the DNS record.

Secondly, I need some comparison of iptables features with Cisco IOS ACL, for implementing in a medium-sized network.

Support from iptables and Cisco geeks needed; help will be highly appreciated.
Thanks
LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi

Re:

Post by LinuxFreaK »

Dear farhanksa,
Salam,

# iptables -I FORWARD -s a.b.c.d -d e.f.g.h -p tcp --dport 80 -m time --timestart 01:00 --timestop 12:00 -j REJECT

Or

iptables -I FORWARD -s any.com -d any.com -p tcp --dport 80 -m time --timestart 01:00 --timestop 12:00 -j REJECT


It will block the specific traffic in the time slot from 01:00 to 12:00 each day :)

Best Regards.
Farrukh Ahmed
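
An added example, not part of the original posts: iptables resolves a hostname given to -s or -d only once, when the rule is inserted, so one way to keep a time-limited block following a domain's DNS records is to rebuild a dedicated chain from the current A records on a schedule. The chain name TIMEBLOCK, the function names, the 09:00-17:00 Mon-Fri window and the sample addresses (RFC 5737 documentation range) are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). Assumed names: chain TIMEBLOCK,
# functions gen_timeblock_rules and sample_ips.
CHAIN="TIMEBLOCK"

# Read IPv4 addresses on stdin (one per line) and print the iptables
# commands that rebuild $CHAIN so TCP port 80 to those addresses is
# rejected inside the given window.
# Usage: gen_timeblock_rules START STOP WEEKDAYS
# Note: the time match compares against UTC unless --kerneltz is added.
gen_timeblock_rules() {
    start=$1
    stop=$2
    days=$3
    # Create the chain if missing, then flush it so addresses that have
    # left the DNS record are dropped from the rule set.
    echo "iptables -N $CHAIN 2>/dev/null || true"
    echo "iptables -F $CHAIN"
    # Hook the chain into FORWARD exactly once.
    echo "iptables -C FORWARD -j $CHAIN 2>/dev/null || iptables -I FORWARD -j $CHAIN"
    # Keep only dotted-quad shaped lines, de-duplicated.
    grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}$' | sort -u | while read -r ip; do
        echo "iptables -A $CHAIN -d $ip -p tcp --dport 80 -m time --timestart $start --timestop $stop --weekdays $days -j REJECT"
    done
}

# Constructed sample input: two documentation addresses, one repeated,
# plus a malformed line that must be ignored.
sample_ips() {
    printf '%s\n' 192.0.2.10 192.0.2.11 192.0.2.10 not-an-ip
}

# Dry run: print the commands instead of executing them. On a real
# gateway the addresses would come from the resolver, for example:
#   getent ahostsv4 any.com | awk '{print $1}'
sample_ips | gen_timeblock_rules 09:00 17:00 Mon,Tue,Wed,Thu,Fri
```

Run from cron, the generated commands keep the chain in step with the DNS record; traffic outside the window and on the weekend falls through the chain untouched.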
LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi

Re:

Post by LinuxFreaK »

Dear farhanksa,
Salam,

For your Second Question,

http://fwup.org/
http://www.ipblocker.org/
http://www.iu.hio.no/teaching/materials ... .en&week=6

Best Regards.
Farrukh Ahmed
zaeemarshad
Lieutenant Colonel
Posts: 660
Joined: Sat Jul 06, 2002 12:35 pm
Location: Islamabad

Post by zaeemarshad »

Hey Farhan,

Long time no see, man... where have you been?

Regarding your question, I have one concern. If you are thinking about blocking a web request to a particular website, it might not be blocked by iptables, as the destination address will be that of the next hop gateway and the website address is in the payload. This is where Squid proxy comes in.

Regards
Zaeem