Creating Setup to be able to ping Google but not Facebook

This writeup is all about the TASK 13 given by Vimal Daga Sir,

Task Description📄

🔰 Create a Setup so that you can ping google but not able to ping Facebook from same system

Let do this task, step by step.

Before starting lets discuss about the the Routing table, what is it? and how it is connected to this task?

In computer networking a routing table, or routing information base, is a data table stored in a router or a network host that lists the routes to particular network destinations, and in some cases, metrics associated with those routes.

So, what we are going to do is the change the Routing table rules in such a way that, if we ping the Google it will work but when we try to ping to Facebook it will give the error network not reachable.

In this Task, I am using RHEL 8 (RedHat Enterprise Linux) on the VMware. And the network adaptor is set to bridge network adaptor.

Lets start, I am using a freshly installed VM, so lets see the routing table.

I am using the root user if you are using the regular user you need to add sudo in front. Use the command given below to see Routing Table in the terminal.

[root@localhost ~]# route -n

Here, you can see we have one gateway 192.168.41.237 which routes all the network packets to 0.0.0.0 i.e. all the places and this is the default. we will focus on just ens160 for this task (name of network card may vary).

Now, Lets ping to google.com and facebook.com

[root@localhost ~]# ping google.com -4
[root@localhost ~]# ping facebook.com -4

This is output that I got by running both the commands. I have used the attribute -4 because I need to see the IPv4 of the google (172.217.166.78) and Facebook(31.13.79.35).

To proceed further first we are going to delete the default rule and we will note the gateway IP which is in my case is 192.168.41.237. using the below command I have deleted the Gateway rule

[root@localhost ~]# route delete default

As a result now I cannot ping both Google and Facebook.

Method 1

Now lets move to the main part, now we will create a custom rule that will generate the packet for the Google.com. Here is the command to do that.

[root@localhost ~]# route add -host 172.217.166.78 gw 192.168.41.237 ens160

This will add the route to google IP, but network will be unreachable for other IPs. You can see the results yourself.

From this method we achieved our goal but it made whole VM just to send packets to only google.com. Upon some research I found a way just to make only facebook.com unreachable.

Method 2

If you have followed me in last method we need to reset our IP routing table, to do that, What we can do is restart the the wire connection and your routing table will reset.

After resetting, If you want that only Facebook stays inaccessible rest all internet work fine then use this command.

[root@localhost ~]# route -add -host 31.13.79.35 reject

With this, Google is still accessible but Facebook do not.

Thank you for reading, and do let me know more in the comments!