iptables, allow only certain urls
From: @ndree
Date: 06/12/02
From: "@ndree" <Andree@nospam-Toonk.nl> Date: Wed, 12 Jun 2002 12:15:31 +0200
Hello,
I've got a question about iptables.
I've got a network 192.168.0.0/24 and there are certain restrictions for the
users on that network.
This network is connected to the internet through a Linux 2.4 iptables
firewall.
An example of a restriction is that they can only visit some internet sites.
The rules I've made for this are:
$IPTABLES -t nat -A POSTROUTING -o $EX_IF -s 192.168.0.0/24 -j MASQUERADE
$IPTABLES -A FORWARD -s www.somesite.com -p tcp --sport 80 -d 192.168.0.0/24 -j ACCEPT
$IPTABLES -A FORWARD -s www.anothersite.com -p tcp --sport 80 -d 192.168.0.0/24 -j ACCEPT
$IPTABLES -A FORWARD -s $NAMESERVER -p udp --sport 53 -d 192.168.0.0/24 -j ACCEPT
$IPTABLES -A FORWARD -s 0/0 -d 192.168.0.0/24 -j DROP
As you can see, I've made this rule in the forward chain; is this wise to do?
Or should I make this rule in the input or output chain?
I hope you can advise me with this.
What would be the best way to allow only certain sites?
Thanks in advance, Andree
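A first-match model of the FORWARD rules quoted in the message above, added here as an illustration (not part of the original post and not iptables code), to show which forwarded packets that rule set accepts. The IP addresses are constructed stand-ins for www.somesite.com, www.anothersite.com and $NAMESERVER, and the FORWARD chain policy is an assumption because the post does not show it.

```python
import ipaddress

LAN = ipaddress.ip_network("192.168.0.0/24")
ANY = ipaddress.ip_network("0.0.0.0/0")
# Constructed addresses (documentation ranges) standing in for names in the post.
SOMESITE = ipaddress.ip_network("203.0.113.10/32")     # www.somesite.com
ANOTHERSITE = ipaddress.ip_network("203.0.113.20/32")  # www.anothersite.com
NAMESERVER = ipaddress.ip_network("198.51.100.53/32")  # $NAMESERVER

# (source net, protocol or None, source port or None, destination net, target)
# One tuple per FORWARD rule in the post, in the same order.
FORWARD_RULES = [
    (SOMESITE, "tcp", 80, LAN, "ACCEPT"),
    (ANOTHERSITE, "tcp", 80, LAN, "ACCEPT"),
    (NAMESERVER, "udp", 53, LAN, "ACCEPT"),
    (ANY, None, None, LAN, "DROP"),
]


def forward_verdict(src, dst, proto, sport, policy="ACCEPT"):
    """Return the target of the first matching rule, else the chain policy."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for net_s, r_proto, r_sport, net_d, target in FORWARD_RULES:
        if src not in net_s or dst not in net_d:
            continue
        if r_proto is not None and r_proto != proto:
            continue
        if r_sport is not None and r_sport != sport:
            continue
        return target
    # Assumption: the post does not show the FORWARD policy; ACCEPT is the default.
    return policy


if __name__ == "__main__":
    samples = [  # constructed packets: (label, src, dst, proto, source port)
        ("HTTP reply, allowed site", "203.0.113.10", "192.168.0.5", "tcp", 80),
        ("HTTP reply, other site", "203.0.113.99", "192.168.0.5", "tcp", 80),
        ("port 443 reply, allowed site", "203.0.113.10", "192.168.0.5", "tcp", 443),
        ("DNS reply over TCP", "198.51.100.53", "192.168.0.5", "tcp", 53),
        ("LAN client to other site", "192.168.0.5", "203.0.113.99", "tcp", 40000),
    ]
    for label, src, dst, proto, sport in samples:
        print(f"{label:30} {forward_verdict(src, dst, proto, sport)}")
```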