This script is for blocking https traffic in the software router it self, I am using squid and it is not capable for blocking HTTPS traffics, because 1 , the url is encrypted. 2, The routing table is only for handing traffic over port 80.
This script have two input file, it will create automatically in the first run. It have capability for local IP based restriction
Editable area in the script :
DIST=192.168.1.6 #IP where the request has to forward DPORT=81 #Port where the request has to forward BLOCKPORTS=443 #Outgoing + incomming Port RULE=forward #Possible options reject,drop,forward
If you have any web-page for giving a message to the user regarding the block, set it here
Enter the domain and local IP separately in the file, examples are shown below Download here
[anand@planetcure ~]$ sh https_block.sh --help This script is for block https outbound traffic using source based requests -s or --silent Silent execution ssl_domains File for enter SSL domain names ip_users File for enter localip list
You must have to enable forwarding and execute it from root.
First run :
[root@planetcure]# sh https_block.sh Parent dir not found, Creating entire structure /opt/installer/scripts |-- ip_users `-- ssl_domains 0 directories, 2 files [INFO]:We found empty input file. exiting..
Input Files :
[root@planetcure]# ls /opt/installer/scripts/ ip_users ssl_domains
File input one by one :
[root@planetcure scripts]# cat ip_users 192.168.1.100 192.168.1.245 [root@planetcure scripts]# cat ssl_domains www.enlook.wordpress.com facebook.com www.facebook.com
Output:
[root@planetcure]# sh https_block.sh Validating file structure checking ssl_domains Ok. checking ip_users Ok. /opt/installer/scripts |-- ip_users `-- ssl_domains 0 directories, 2 files Executing source Ip 192.168.1.100 76.74.254.123 blocked for the domain www.enlook.wordpress.com 192.0.80.250 blocked for the domain www.enlook.wordpress.com 192.0.81.250 blocked for the domain www.enlook.wordpress.com 66.155.9.238 blocked for the domain www.enlook.wordpress.com 66.155.11.238 blocked for the domain www.enlook.wordpress.com 76.74.254.120 blocked for the domain www.enlook.wordpress.com 173.252.110.27 blocked for the domain facebook.com 31.13.79.128 blocked for the domain www.facebook.com Executing source Ip 192.168.1.245 76.74.254.120 blocked for the domain www.enlook.wordpress.com 76.74.254.123 blocked for the domain www.enlook.wordpress.com 192.0.80.250 blocked for the domain www.enlook.wordpress.com 192.0.81.250 blocked for the domain www.enlook.wordpress.com 66.155.9.238 blocked for the domain www.enlook.wordpress.com 66.155.11.238 blocked for the domain www.enlook.wordpress.com 173.252.110.27 blocked for the domain facebook.com 31.13.79.128 blocked for the domain www.facebook.com
Now set this as crone like below
*/05 * * * * /bin/sh /root/https_block.sh -s
If you run again the script it will show the current status of the blocked domain
[root@localhost bash]# sh https_block.sh Validating file structure checking ssl_domains Ok. checking ip_users Ok. /opt/installer/scripts |-- ip_users `-- ssl_domains 0 directories, 2 files Executing source Ip 192.168.1.100 Domain:www.enlook.wordpress.com DNAT tcp -- 192.168.1.100 76.74.254.123 tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 Domain:www.enlook.wordpress.com DNAT tcp -- 192.168.1.100 192.0.80.250 tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 Domain:www.enlook.wordpress.com DNAT tcp -- 192.168.1.100 192.0.81.250 tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 Domain:www.enlook.wordpress.com DNAT tcp -- 192.168.1.100 66.155.9.238 tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 Domain:www.enlook.wordpress.com DNAT tcp -- 192.168.1.100 66.155.11.238 tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 Domain:www.enlook.wordpress.com DNAT tcp -- 192.168.1.100 76.74.254.120 tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 Domain:facebook.com DNAT tcp -- 192.168.1.100 173.252.110.27 tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 31.13.79.144 blocked for the domain www.facebook.com Executing source Ip 192.168.1.245 Domain:www.enlook.wordpress.com DNAT tcp -- 192.168.1.245 76.74.254.120 tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 Domain:www.enlook.wordpress.com DNAT tcp -- 192.168.1.245 76.74.254.123 tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 Domain:www.enlook.wordpress.com DNAT tcp -- 192.168.1.245 192.0.80.250 tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 Domain:www.enlook.wordpress.com DNAT tcp -- 192.168.1.245 192.0.81.250 tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 Domain:www.enlook.wordpress.com DNAT tcp -- 192.168.1.245 66.155.9.238 tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 Domain:www.enlook.wordpress.com DNAT tcp -- 192.168.1.245 66.155.11.238 tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 Domain:facebook.com DNAT tcp -- 192.168.1.245 173.252.110.27 tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 31.13.79.144 blocked for the domain www.facebook.com
Now you have control in the network traffic usage.