I want to block users from getting to the internet with the exception of a handful of websites. I'm using: ACCEPT loc net:www.weather.com tcp 80
This works fine for some sites, but with sites like the weather channel, I only get partial content. I've looked at the source code and found that they use a lot of sub domains like images.weather.com. Other sections, even pull from domains other than their own or specific ip addresses (that seem to rotate). I've currently got a section of rules allowing about 15 different ip addresses out, but the addresses are changing every few days. What is the best way around this? (Other than constantly monitoring the shorewall log and adding ip addresses to the rules) ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
