It will only deny that if the machine running ipchains is going to sit
between the internet and the machine.domain.com.au. If both machines see the
router(PC) which goes out to the internet then theres no stopping it unless
the linux box is in the way(firewall).
thanks,
George Vieira
Network Administrator
http://www.citadelcomputer.com.au
PGP Fingerprint : 43DC 92AC 1A82 27B2 E97B 52F1 B60F 301A 38A9 A10C
PGP KeyID: 0x38A9A10C
-----Original Message-----
From: Des Wass [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, November 22, 2000 3:32 PM
To: George Vieira; '[EMAIL PROTECTED]'
Subject: RE: [SLUG] IPChains and DNS
Really poor wording on my part - sorry.
I have host named machine.domain.com.au (winnt). It gets an IP at logon
through DHCP (e.g. 192.168.1.100) and then is entered into Win2k's DNS as an
A record.
I need to stop machine.domain.com.au from surfing the 'net, for example.
If I add:
ipchains -A input -p tcp -s machine.domain.com.au -d 0/0 80 -j REJECT
Will that then deny port 80 to 192.168.1.100, or will it deny it to
machine.domain.com.au (as its DHCP - the ip address may change tomorrow)
These are all internal addresses - not externals.
Thanks,
> -----Original Message-----
> From: George Vieira [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, 22 November 2000 3:01 PM
> To: 'Des Wass'
> Subject: RE: [SLUG] IPChains and DNS
[snip]
>
> The client always makes the request to the DNS server even if
> you visited
> the web page and then closed the browser and browsed again in
> 5 minutes...
>
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
