stackoom
  简体   繁体   中英

How can I block HTTPS application data by using iptables?

 原文  2017-09-07 18:15:58       linux/ iptables

Question

I want to block a HTTPS connection after TLS handshake using Iptables. In the other words, I want to allow TCP and TLS handshakes, and then I want to drop the connection. I know that HTTPS is encrypted, but there may be a solution to differentiate TLS handshake packets and application data packets without decrypting them.

1 answers

solution1
 -1  2017-09-07 19:00:51

您只需要从端口443接受SYN,SYN / ACK,ACK数据包以允许握手,然后丢弃其余数据包: iptables -A INPUT --protocol tcp --tcp-flags SYN ACK --dport 443 -j ACCEPT iptables -A INPUT --protocol tcp --tcp-flags FIN RST URG PSH --dport 443 -j DROP

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question IPTables How do I block a specific UDP Packet? how to block ip address for 24 hours in LINUX Using iptables block a website using iptables (redirecting to an error page) block ping from host to host using iptables (I am the wireless access point) How can I programmatically manage iptables rules on the fly? How can I check the hit count for each rule in iptables? Problems occur when I block a specific user to access Internet using iptables while ufw is enable How can I open a port in iptables for RMI access How can I remove specific rules from iptables? How can I log outgoing TCP to IP and not (HTTP) iptables
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM