2009/12/17, kurniadi <[email protected]>: > 2009/12/17, Tom Eastep <[email protected]>: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> On 12/16/2009 06:18 PM, kurniadi wrote: >>> Hi all, >>> >>> >>> I Try use shorewall rules with time element but its never works, the >>> rules look like this >>> >>> HTTPS(REJECT) loc >>> net:69.63.181.11,69.63.181.12,69.63.184.142,69.63.187.17,69.63.187.19 >>> localtz×tart=20:00×top=20:10&weekdays=Mon,Tue,Wed,Thu,Fri >>> >>> This rules for block https access to facebook site at working hours & >>> day My system is Debian lenny, shorewall 4.4.4.2 kernel >>> 2.6.30-bpo.2-amd64, the kernel module for time element already >>> support. >>> >> >> Shorewall is not the proper tool for trying to limit traffic to a >> particular domain. You will never be able to keep up with the list of IP >> addresses used by facebook. See Shorewall FAQ 39 for more information. >> > > Ok maybe this not perpect solution for block https, I will try in > squid instead shoerwall. > but why time element rule did not work ?, since this feature new in > shorewall, im not found working example. Could you tell us example > working rules > hmm after try and error a couple time this rule work with add - in the middle the rule look like this
HTTPS(REJECT) loc net:69.63.181.11,69.63.181.12,69.63.184.142,69.63.187.17,69.63.187.19 - - - - - - - - localtz×tart=20:00×top=20:10&weekdays=Mon,Tue,Wed,Thu,Fri Kurniadi ------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
