YouTube not blocked by iptables
On our Ubuntu machine I have attempted to block internet access to one of the user accounts by adding the following line to /etc/network/interfaces:
pre-up iptables -A OUTPUT -p tcp -m owner --uid-owner 1001 -j DROP
This works well except somehow YouTube and other Google properties are not blocked.
I'm not an expert in iptables, but I assumed the above command would drop all outgoing requests from the specified user. Is there something special about Google properties that would somehow cause them to be exempted?
For reference, here is my iptables list:
$ sudo iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
DROP       tcp  --  anywhere             anywhere             owner UID match ****
Solution 1:
Is the user using Chrome/Chromium? If so, the browser is most likely using QUIC for those sites, and that protocol uses UDP as the transport.
You can block UDP ports 80 and 443 to solve it.
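
An added example, not part of the original question or answer: a shell function that reads the text printed by iptables -S OUTPUT and reports whether the drop rules for a given UID cover TCP and UDP port 443 (QUIC). Both rule listings are constructed samples; the second assumes the suggested UDP block is written as a multiport rule.

```shell
#!/bin/sh
# Added example (not from the original post). Reads `iptables -S OUTPUT`
# text on stdin and reports whether DROP/REJECT rules for one UID cover
# all TCP and UDP port 443 (QUIC). Simplification: rule order and any
# earlier ACCEPT rules are ignored.
check_uid_block() {
    awk -v uid="$1" '
    $1 == "-A" && $2 == "OUTPUT" {
        proto = "all"; owner = ""; dports = ""; target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            if ($i == "--uid-owner") owner = $(i + 1)
            if ($i == "--dport" || $i == "--dports") dports = $(i + 1)
            if ($i == "-j") target = $(i + 1)
        }
        if (owner != uid || (target != "DROP" && target != "REJECT")) next
        # A rule with no port restriction covers the whole protocol.
        if ((proto == "all" || proto == "tcp") && dports == "") tcp = 1
        if (proto == "all" || proto == "udp") {
            if (dports == "") udp443 = 1
            n = split(dports, p, ",")
            for (k = 1; k <= n; k++) {        # entries are "443" or "80:443"
                m = split(p[k], r, ":")
                lo = r[1] + 0; hi = (m > 1 ? r[2] : r[1]) + 0
                if (lo <= 443 && 443 <= hi) udp443 = 1
            }
        }
    }
    END {
        print "tcp: " (tcp ? "blocked" : "open")
        print "udp/443 (QUIC): " (udp443 ? "blocked" : "open")
    }'
}

# Constructed sample: the rule from the question, in `iptables -S` form.
QUESTION_RULES='-P OUTPUT ACCEPT
-A OUTPUT -p tcp -m owner --uid-owner 1001 -j DROP'

# Constructed sample: the same rule plus a UDP 80/443 block for that user.
FIXED_RULES='-P OUTPUT ACCEPT
-A OUTPUT -p tcp -m owner --uid-owner 1001 -j DROP
-A OUTPUT -p udp -m owner --uid-owner 1001 -m multiport --dports 80,443 -j DROP'

echo "Question ruleset:"; printf '%s\n' "$QUESTION_RULES" | check_uid_block 1001
echo "With UDP block:";   printf '%s\n' "$FIXED_RULES" | check_uid_block 1001
```

On a live machine the same function can be fed from sudo iptables -S OUTPUT instead of the sample variables.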