I think you can try to do something with RECENT. Like marking the first packet and redirecting the traffic to a SQUID server with transparent proxy and some kind of redirector answering the same page always (squidguard, for example).
Than you can have another rule checking the mark (must be at least one line BEFORE the RECENT mark rule) and allowing the traffic. Problem is you cannot have the RECENT mark forever or else people would only see the warning message once (after every restart, of course). To counter this establish a timeout long enough for the entire work hours and maybe 1 hour more. I'm too tired to try to map this on shorewall now, please forgive me for not implementing it myself. I'm sure someone better than me can try to help you more. Flavio Machado Brasil edmarcos <[email protected]> wrote on 18 Apr 2010, 10:19 PM: Subject: [Shorewall-users] Http redirect page in the first connection. >First I would like to apologize if my English is not good ... > >For me I think it's possible but still have not found how to do despite >spending the day looking at the documentation site. > >The wanted to do was this: do the whole first http connection to a >machine inside the network were redirected to a warning page, and then >it occurred to navigate normally. > >I imagine that this would be possible using the module "limit" but do >not know how to deploy such a rule ... > >If anyone has an idea is welcome ... > > >------------------------------------------------------------------------------ > >Download Intel® Parallel Studio Eval >Try the new software tools for yourself. Speed compiling, find bugs >proactively, and fine-tune applications for parallel performance. >See why Intel Parallel Studio got high marks during beta. >http://p.sf.net/sfu/intel-sw-dev >_______________________________________________ >Shorewall-users mailing list >[email protected] >https://lists.sourceforge.net/lists/listinfo/shorewall-users > ----------------------------------------------------------------------------------------------------------------------- Send big files for free. Simple steps. No registration. Visit now http://www.nawelny.com ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
