0

I'm trying to deny access to the Internet and that part works with ufw default deny outgoing (the PC is going to be used for exams so no googling allowed;-)) But I need access to a chrome extension called AppWriter (reads up the tests in PDF)

Should that be possible or is it a complete no go?

Thanks

Improve this question
3
  • 1
    You can look up what sites your extension needs access to, then whitelist those domains.
    – Sirajus Salekin
    Commented Jun 13 at 19:43
  • This is the extension: chromewebstore.google.com/detail/appwriter-cloud/… I have used wireshark to look for IPs but how would you go whitelistening those?
    – Kevin Petersen
    Commented Jun 13 at 20:21
  • You may want to ask the creator of the Chrome extension about off line access, and which site it requires access to, to work. Once you have that information, adjust the ufw rule accordingly.
    – user68186
    Commented Jun 13 at 23:14

1 Answer 1

Reset to default
0

You can use iptables or other firewall tools to disable all network access to Chrome, and then add the domain name or IP rules used by the extension to achieve this effect.

sudo apt-get update
sudo apt-get install iptables


sudo iptables -A OUTPUT -o eth0 -j DROP
sudo iptables -A INPUT -i eth0 -j DROP

sudo iptables -A OUTPUT -p tcp -d example.com -j ACCEPT
sudo iptables -A OUTPUT -p tcp -d IP -j ACCEPT
sudo iptables -A INPUT -p tcp -s example.com -j ACCEPT
sudo iptables -A INPUT -p tcp -s IP -j ACCEPT

If you want persistence

sudo iptables-save > /etc/iptables/rules.v4

Make sure the iptables rules are restored on reboot

sudo apt-get install iptables-persistent
sudo netfilter-persistent save
sudo netfilter-persistent reload

Verify the rules

sudo iptables -L -v
Improve this answer
2
  • Thanks. The "sudo iptables -A OUTPUT -o eth0 -j DROP" sure drops connections but the accept part doesn't seem to allow trafic?!? Is it neccesary to make it persistence and reboot for it to work?
    – Kevin Petersen
    Commented Jun 18 at 13:24
  • Your answer could be improved with additional supporting information. Please edit to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers in the help center.
    – Community Bot
    Commented Jun 20 at 17:29

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .