Difference between revisions of "BlackBlockGoogle"

Methods

There are different methods for blocking google..

Browser extensions

Blocking using hosts file

You can edit your hosts file like the one showed here.

Doing this all listed domains will be redirected to that ip address. You can easily change the ip addresses whit your local host 127.0.0.1 or whatever you want :)

Blocking using a firewall

Using OpenWRT / iptables

This is a script that would run on OpenWRT:

With some modification (maybe) to the output processing of the nslookup command, or use host, it'll work on your local *NIX box

You would do, for example:

• root@OpenWrt:~# ./iptsetup.sh google.com gl 1
• That would create for you add_gl.sh and del_gl.sh in the current working directory.
• Then run ./add_gl.sh and all packets destined to google will be marked with MARK 1
• So add a rule something like:

iptables -N reject
iptables -A OUTPUT -m mark --mark 1 -j reject
iptables -A reject -p tcp -j REJECT --reject-with tcp-reset
iptables -A reject -j REJECT --reject-with icmp-port-unreachable

• You also need to feed traffic into the m_ip chain in your mangle table.
• How you might wish to do this is left as an exercise to the reader ;-) (don't just blindly "follow", Read up!!)

But for example, you could do something as simple as this, seeing as how you are running on a router:

iptables -t mangle -A PREROUTING -s lan-ip.of.user-that-not-want.google -j m_ip

#!/bin/sh
#
## iptsetup.sh domain.com name fwmark#
#
IP=`nslookup $1 | grep -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | tail -n1 | cut -d\  -f3`
AS=`wget -q -O - http://ipinfo.io/$IP/org | cut -f1 -d \  | sed -e 's/AS//'`

echo '#!/bin/sh' > add_$2.sh
chmod 750 add_$2.sh
echo '#!/bin/sh' > del_$2.sh
chmod 750 del_$2.sh
NETWORKS=`wget -O - http://stat.ripe.net/data/announced-prefixes/data.yaml?resource=$AS|grep prefix\:|grep -v \:\:|awk '{print $3}'`

echo "iptables -t mangle -N $2_ip" >> add_$2.sh
echo "iptables -t mangle -N $2_do" >> add_$2.sh
echo "iptables -t mangle -A m_ip -j $2_ip" >> add_$2.sh
echo "iptables -t mangle -D m_ip -j $2_ip" >> del_$2.sh

for i in $NETWORKS; do echo "iptables -t mangle -A $2_ip -d $i -j $2_do" >> add_$2.sh; done
for i in $NETWORKS; do echo "iptables -t mangle -D $2_ip -d $i -j $2_do" >> del_$2.sh; done

echo "iptables -t mangle -A $2_do -j MARK --set-mark $3" >> add_$2.sh
echo "iptables -t mangle -D $2_do -j MARK --set-mark $3" >> del_$2.sh

echo "iptables -t mangle -X $2_ip" >> del_$2.sh
echo "iptables -t mangle -X $2_do" >> del_$2.sh

Other tools

A list of tools, please check their descriptions inside...

https://addons.mozilla.org/en-US/firefox/addon/librejs/

https://addons.mozilla.org/en-US/firefox/addon/trackmenot/

https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/

https://www.eff.org/privacybadger

https://prism-break.org/en/

hosts file

block with iptables / openwrt