Iptables thingy
Hey guys.. I just updated the firmware of a Linksys router to a hacked one. And I can use iptables to add blocking rules to my network, but the router lacks the feature to block a PC's total internet access save a few domains. So, basically, what I want to do is to block internet access totally to 1 PC except for 2 domain names.. I'm just a newbie at iptables, so could anyone give me a lead?
INTIF=eth0
IPTABLES=iptables

# Flush the chains
$IPTABLES -F INPUT
$IPTABLES -F OUTPUT
$IPTABLES -F FORWARD

# Allow your 2 destinations (these must come before the drop rules)
$IPTABLES -A INPUT -i $INTIF -s www.site1.com -j ACCEPT
$IPTABLES -A INPUT -i $INTIF -s www.site2.com -j ACCEPT

# Drop all other traffic
$IPTABLES -A INPUT -i $INTIF -p tcp -j DROP
$IPTABLES -A INPUT -i $INTIF -p udp -j DROP

Although I'm not sure you can allow based on a DNS name. I tried to block using a DNS entry, and it wasn't quite successful. What I've typed would have to be running on the machine you want to restrict
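A router-side version of the restriction asked about in this thread, as an added example that is not from either poster: it prints (does not run) FORWARD rules that limit one LAN PC to a DNS resolver plus an allowlist of destination addresses. The chain name `RESTRICT_PC`, the helper names and all addresses are assumptions made for illustration, and the PC is assumed to keep a fixed LAN address.

```shell
#!/bin/sh
# Prints router-side rules; nothing is applied. Addresses are constructed samples.

CHAIN="RESTRICT_PC"   # hypothetical chain name

# Succeeds only for a dotted-quad IPv4 address. Hostnames are rejected on
# purpose: iptables resolves a name once, when the rule is added.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] 2>/dev/null || return 1
    done
}

# gen_rules PC_IP DNS_IP ALLOWED_IP...
gen_rules() {
    [ $# -ge 3 ] || { echo "usage: gen_rules PC_IP DNS_IP ALLOWED_IP..." >&2; return 2; }
    # Validate everything first so a bad argument never yields a partial rule set.
    for addr in "$@"; do
        is_ipv4 "$addr" || { echo "not an IPv4 address: $addr" >&2; return 1; }
    done
    pc_ip=$1; dns_ip=$2; shift 2

    echo "iptables -N $CHAIN"
    # Name lookups, to the one resolver only (a resolver running on the
    # router itself is reached through INPUT and needs no rule here).
    for proto in udp tcp; do
        echo "iptables -A $CHAIN -p $proto -d $dns_ip --dport 53 -j ACCEPT"
    done
    # Allowed destinations, ahead of the final DROP.
    for dst in "$@"; do
        echo "iptables -A $CHAIN -d $dst -j ACCEPT"
    done
    echo "iptables -A $CHAIN -j DROP"
    # Only packets sourced from the restricted PC enter the chain;
    # other LAN hosts and reply traffic keep the router's existing rules.
    echo "iptables -I FORWARD -s $pc_ip -j $CHAIN"
}

# Constructed sample: PC 192.168.1.50, resolver 192.0.2.53, two site addresses.
gen_rules 192.168.1.50 192.0.2.53 198.51.100.10 203.0.113.20
```

Sites served from several or changing addresses need every current address in the list, and the rules regenerated when those addresses change.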