--- Brad Campbell <[EMAIL PROTECTED]> wrote:
>
> May I suggest that futzing with dns like this is a
> bad way to go about what you require?
> As it seems you are only really concerned about web
> traffic (url) then perhaps a better way is to do
> a dynamic redirect on outbound port 80 to a local
> web-server. So anything that is attempted
> (http://xxx) will be directed straight to your local
> web page with instructions on it. (A far neater
> way than having a static IP response to any possible
> DNS lookup).
>
> iptables -t nat -A PREROUTING -p tcp -d !
> 192.168.0.0/24 --dport 80 -j REDIRECT --to-port 8081
>
> where your local httpd with the instruction list on
> it lives on the same machine on port 8081
>
> would do the job nicely.
> This won't work from the machine you are executing
> the command from, and you do need a linux gateway
> on your network to do it this way, but it's neat,
> tidy and much cleaner.
>
> You could also do this to add: (You need to insert
> (I) rather than add (A) as it must come before
> the above rule.
>
> iptables -t nat -I PREROUTING -p tcp -s $IPADDR -j
> ACCEPT
> iptables -t nat -I PREROUTING -p tcp -s $IPADDR -j
> RETURN
>
> this to delete:
> iptables -t nat -D PREROUTING -p tcp -s $IPADDR -j
> ACCEPT
> iptables -t nat -D PREROUTING -p tcp -s $IPADDR -j
> RETURN
>
> Where $IPADDR is the ip address of a machine that
> you wish to exempt from this rule (You could
> maintain a series of these with some form of script
> if you so desired, so they get redirected to
> your all singing/dancing instruction page, click a
> button and a CGI adds them to the whitelist of
> allowed machines to access the web directly. You
> could put a timer on it or any other form of script
> magic to then delete the rules when you need them to
> be blocked again.
>
> iptables rocks
Thanks Brad for the advice , I am going to
try it
Thanks
Joseph
___________________________________________________________
To help you stay safe and secure online, we've developed the all new Yahoo!
Security Centre. http://uk.security.yahoo.com
------------------------ Yahoo! Groups Sponsor --------------------~-->
1.2 million kids a year are victims of human trafficking. Stop slavery.
http://us.click.yahoo.com/WpTY2A/izNLAA/yQLSAA/0XFolB/TM
--------------------------------------------------------------------~->
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/dubailug/
<*> To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
