I have NAT set up on my box, and I can't seem to filter traffic to and from users for specific web sites. Below is my NAT rule, which works great:

    iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to 207.224.79.226

This converts 192.168.0.0 out to our public address. There are two interfaces:

    eth1: 207.224.79.226
    eth0: 192.168.0.200

I would like to filter traffic going out from internal users, or even traffic coming in headed towards internal users from specific web sites.

Now I have packet filtering working to drop external HTTP requests, and it does work. For example:

    iptables -A INPUT -i eth1 -p tcp --dport 80 -j DROP

This works fine to drop HTTP requests. But I cannot seem to filter ANY traffic coming from or going to the users on the inside doing NAT. Here is some of what I have tried that does not work:

    iptables -I INPUT -i eth0 -d www.aol.com -j DROP
    iptables -I OUTPUT -o eth1 -d www.aol.com -j DROP
    iptables -I OUTPUT -d www.aol.com -j DROP
    iptables -I INPUT -s www.aol.com -j DROP
    iptables -I INPUT -d www.aol.com -j DROP

The weird thing is that when I try to go to this site on the actual box, e.g. using lynx, it restricts me, but it will not stop people who are using the NAT. I have tried using eth+ as well. I am really not that picky; I would just like to block access to, or traffic coming from, certain web sites.

Thank you,
David
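The behaviour described above (rules in INPUT and OUTPUT only bite for lynx on the firewall itself) follows from how netfilter routes packets: INPUT and OUTPUT see only traffic addressed to or originating from the firewall box, while packets that are merely routed on behalf of the NATed clients traverse the FORWARD chain. The script below is an added example, not part of the original post, showing rules placed in FORWARD using the interfaces and LAN range from the post; the address 203.0.113.10 is a constructed placeholder. It prints the commands rather than executing them so the rule set can be reviewed (and checked) before being applied as root, and it resolves a hostname to all of its addresses, because iptables resolves a hostname only once at insertion time and a large site usually has several.

```shell
#!/bin/sh
# Added example (not from the original post): block a web site for NATed
# clients. Routed packets go through FORWARD, never INPUT or OUTPUT, and in
# FORWARD the outbound packet still carries the private source address because
# SNAT happens later, in nat/POSTROUTING.

LAN_IF=eth0              # from the post
WAN_IF=eth1              # from the post
LAN_NET=192.168.0.0/24   # assumed /24 for the post's 192.168.0.0 network

# Emit the two FORWARD rules for one destination address: one for traffic
# from the LAN towards the site, one for anything the site sends towards the LAN.
block_site_rules() {
    dst="$1"
    printf 'iptables -I FORWARD -i %s -o %s -s %s -d %s -j DROP\n' \
        "$LAN_IF" "$WAN_IF" "$LAN_NET" "$dst"
    printf 'iptables -I FORWARD -i %s -o %s -s %s -j DROP\n' \
        "$WAN_IF" "$LAN_IF" "$dst"
}

# Resolve a hostname to every IPv4 address it currently has. A rule written
# with a hostname covers only the address(es) returned at insert time, so a
# site with rotating DNS needs one rule per address and periodic refreshes.
resolve_all() {
    getent ahostsv4 "$1" | awk '{print $1}' | sort -u
}

# Generate the full rule set for a hostname (e.g. block_host www.example.com).
block_host() {
    for ip in $(resolve_all "$1"); do
        block_site_rules "$ip"
    done
}

# Apply the generated rules; run as root once the printed rules look right.
apply_block() {
    block_host "$1" | sh
}

# Dry run with the constructed placeholder address when executed directly.
block_site_rules 203.0.113.10
```

After applying, `iptables -L FORWARD -v -n` shows the rules with packet counters; the counters incrementing while a NATed client tries the site confirms the packets really traverse FORWARD. Note that hostnames in rules are also a weak control in general: the site's addresses change, and the rule silently stops matching.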
