Have you looked into setting up a Squid proxy/filter? Much less of a headache than doing it at the iptables level.
On 10/04/2012 08:26 AM, Michael Tiernan wrote: > On 10/4/12 3:27 AM, vivek chalotra wrote: >> And now i want to block youtube on my network. > > It can be done with iptables however it's not for the faint of heart. > I did some reading about it on a dd-wrt website and it wasn't > something I found as an easy solution to a single problem such as this. > > However, blocking by name string leaves open the ipaddress approach so > you have to do both things and this isn't something easily maintained. > > May I respectfully suggest that the problem isn't at the iptables > level but at the user level? > A simple "You do it, you're cut off." rule is more effective and would > move the responsibility from you and the system software to those > managing the users. > -- > << MCT >> Michael C Tiernan xmpp:mtier...@mit.edu +1 (617) 324-9173 > MIT - Laboratory for Nuclear Science - http://www.lns.mit.edu > High Perf Research Computing Facility at The Bates Linear Accelerator > Please avoid sending me MS-Word or MS-PowerPoint attachments. > See http://www.gnu.org/philosophy/no-word-attachments.html