Re: [Masq] www blocking

Tue, 06 Feb 2001 18:25:31 -0800 

/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! 
/* ALSO: Don't quote this header. It makes you look lame :-) */


"Something along the lines of:

/sbin/ipchains -A input -p TCP -s 192.168.1.0/24 -d 0/0 www -j REJECT

would work.

Bob."

(Thanx Bob...)

this would turn it off and with "/sbin/ipchains -A input -s serverip/24 -j
MASQ" (not sure) or "/sbin/ipchains -A forward -s serverip/24 -j MASQ" you
turn it back on.

Put all of this in a cron job and you've got your thing running. I hope,
it's just an idea...

Koen.

ps.It could be wrong, If so please tell me...

On Wed, 07 Feb 2001 01:07:44 Ashley M. Kirchner wrote:
> /* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! 
> /* ALSO: Don't quote this header. It makes you look lame :-) */
> 
> 
>     Setup: RedHat 6.2 running TrinityOS' *default* firewall script.
> (default meaning it has network-wide ipchains rules setup for the entire
> ip range of that network)
> 
>     How can I block a few machines on my internal network from accessing
> certain websites?  Basically we have employees in the company that are
> abusing their surfing privileges and I've been instructed to block their
> machines.  However, I don't want to place a network-wide block, just to
> those employees' machines.  And this would also only have to be for web
> access to certain sites like Yahoo, Hotmail, MSN, etc. (basically,
> webbased email services).
> 
>     Now, ideally, I would like to set it up in such a way that the block
> only happens during office hours (8am to 6pm), and then get lifted after
> that.  They're allowed to surf the net all they want, as long as they're
> not on company time.  But, I don't know if that can be done.
> 
>     Ideas anyone?
> 
>     AMK4
> 

-- 
Live Free or Live in Massachusettes.

_______________________________________________
Masq maillist  -  [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ -- 
THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]

PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.

Reply via email to