scanshell . wrote:
Greetings all....
I am trying to block sites at an elementary school's
internet cafe, and please correct me on why they can still be
opened...
iptables script in rc.local
You allow NAT from eth1 (internal) to eth0 (external/internal), so of course clients that bypass the proxy can browse any site...
http_access allow notsex all
http_access deny sex all
http_access allow lan
http_access allow localhost
http_access deny !Safe_ports
http_access deny CONNECT
http_access deny all
Your rules should be:
... all deny rules first ...
... all allow rules ...
--- finally deny all ---

> http_access deny sex !notsex
> http_access deny !Safe_ports
> http_access deny CONNECT
> http_access allow lan
> http_access allow localhost
> http_access deny all

--
+-R-| Mozilla 1.0.1 Gecko/2002 |-H-| Powered by Linux 2.4.x |-7-+
|/v\ Agus Budy Wuysang                   MIS Department        |
| |  Phone: +62-21-344-1316 ext 317  GSM: +62-816-1972-051     |
+------------| http://www.fasw.co.id/person/supes/ |-------------+
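An added example, not part of the original messages: a small Python model of Squid's first-match http_access evaluation, run over both orderings quoted above. The acl definitions, addresses and requests are constructed assumptions, since the thread does not show the acl lines. It only models requests that reach Squid; clients that go out through the NAT rule never hit these rules at all.

```python
import re
from ipaddress import ip_address, ip_network

# Constructed ACL definitions (assumptions: the post does not show its acl lines).
ACLS = {
    "all":        lambda r: True,
    "lan":        lambda r: ip_address(r["src"]) in ip_network("192.168.0.0/24"),
    "localhost":  lambda r: ip_address(r["src"]) in ip_network("127.0.0.0/8"),
    "sex":        lambda r: re.search(r"sex|porn", r["url"], re.I) is not None,
    "notsex":     lambda r: re.search(r"sussex|essex", r["url"], re.I) is not None,
    "Safe_ports": lambda r: r["port"] in {21, 80, 443},
    "CONNECT":    lambda r: r["method"] == "CONNECT",
}
ORIGINAL = """http_access allow notsex all
http_access deny sex all
http_access allow lan
http_access allow localhost
http_access deny !Safe_ports
http_access deny CONNECT
http_access deny all"""
CORRECTED = """http_access deny sex !notsex
http_access deny !Safe_ports
http_access deny CONNECT
http_access allow lan
http_access allow localhost
http_access deny all"""

def http_access(rules, req):
    """Return (action, rule) for the first rule whose ACLs all match the request."""
    action = None
    for line in rules.splitlines():
        _, action, *names = line.split()
        # A rule matches when every listed ACL matches ("!" inverts that ACL).
        if all(ACLS[n.lstrip("!")](req) != n.startswith("!") for n in names):
            return action, line
    # No rule matched: Squid applies the opposite of the last rule's action.
    return ("deny" if action == "allow" else "allow"), "(no match)"

# Constructed requests: source address, URL, destination port, method.
REQUESTS = {
    "outsider, whitelisted URL": dict(src="203.0.113.9", url="http://www.essex.example/", port=80, method="GET"),
    "LAN, whitelisted URL, odd port": dict(src="192.168.0.15", url="http://sussex.example:6667/", port=6667, method="GET"),
    "LAN, blocked URL": dict(src="192.168.0.15", url="http://sex.example/", port=80, method="GET"),
    "LAN, ordinary URL": dict(src="192.168.0.15", url="http://www.example.org/", port=80, method="GET"),
}

if __name__ == "__main__":
    for name, req in REQUESTS.items():
        print(f"{name}: original={http_access(ORIGINAL, req)[0]}, "
              f"corrected={http_access(CORRECTED, req)[0]}")
```

With the original ordering, the leading "allow notsex all" answers before the source-address and port checks are reached, so the first two requests are allowed; with the deny rules first they are refused.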

