Originally Posted by bkcreddy17
How to block a particular web site for all networks and allow it for a particular network? Suppose I want to allow abc.example.com only from a particular public IP or the *.example.com network. I think we can't use TCP wrappers for this. Should we use iptables, or what? If we use iptables, can anybody tell me the rules? I am using RHEL5 server 32-bit.
You didn't tell us what/who is trying to access the forbidden networks. I assume you mean web browsing? Or just servers that should not contact outside networks?
Blocking web surfing:
Depends on your network configuration. Blocking addresses with a firewall is not good: one web site may have many different IP addresses (e.g. www.google.com), so blocking them separately is too difficult.
So the easiest way is to block by domain name. On a large network, configure your DNS server to give a "wrong" IP for bad domains: www.bad-host.org goes to the company web server (CNAME or A), which will tell the user "sorry - access to that domain is forbidden".
On a smaller scale you can just modify the /etc/hosts file, put the forbidden hosts there and give them the IP address 127.0.0.1, or the address of another internal web server which will give an error message.
But these are not complete protection, just the easiest to set up. For complete protection, force the use of a company web proxy that controls access to the internet (addresses/domains). For example, DansGuardian is a very useful proxy extension.
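The /etc/hosts approach from the reply above, as an added example that is not part of the original post: it builds the sinkhole entries, then models how the hosts file is actually consulted (exact, case-insensitive name match, first matching line wins, no wildcards) so you can see which names a hosts-file block really covers. The host names and addresses are constructed sample data, not real block lists.

```python
"""
Build /etc/hosts entries that point forbidden web sites at a sinkhole
address (127.0.0.1 or an internal "access forbidden" web server), and check
which names such a file really redirects.

The resolver model here follows glibc hosts-file semantics: a name matches
only if it appears literally on a line (case-insensitive), the first line
that lists the name wins, and there is no wildcard or suffix matching.
That last point is the practical caveat: listing www.bad-host.org does
nothing for m.bad-host.org.
"""
import ipaddress

# Constructed sample data for the example; not a real block list.
FORBIDDEN_HOSTS = ["www.bad-host.org", "bad-host.org", "tracker.example.net"]
SINKHOLE_IP = "127.0.0.1"


def build_hosts_entries(hosts, sink=SINKHOLE_IP):
    """Return /etc/hosts lines mapping each forbidden host to the sinkhole.

    Names are lower-cased, de-duplicated and stripped of a trailing dot so
    the file does not accumulate near-duplicate entries.
    """
    ipaddress.ip_address(sink)  # raises ValueError if the sinkhole is not an IP
    lines = ["# --- forbidden web sites (managed block) ---"]
    for name in sorted({h.strip().lower().rstrip(".") for h in hosts}):
        lines.append(f"{sink}\t{name}")
    return lines


def parse_hosts(text):
    """Parse hosts-file text into {name: ip}.

    Comments ('#' to end of line) and blank lines are ignored; when a name
    appears on several lines the first occurrence wins, as in the real file.
    """
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        ip, names = parts[0], parts[1:]
        for n in names:
            table.setdefault(n.lower(), ip)
    return table


def resolve_with_hosts(name, table):
    """Exact-match lookup as the hosts file does: no wildcard, no suffix match."""
    return table.get(name.lower().rstrip("."))


def is_blocked(name, table, sink=SINKHOLE_IP):
    """True only if the name itself is listed and points at the sinkhole."""
    return resolve_with_hosts(name, table) == sink


def uncovered_subdomains(candidates, table, sink=SINKHOLE_IP):
    """Names whose parent domain is sinkholed but which the hosts file misses.

    This is the gap a DNS-server override (which can cover a whole zone)
    closes and a plain hosts file cannot.
    """
    blocked = {n for n, ip in table.items() if ip == sink}
    leaks = []
    for c in candidates:
        c = c.lower().rstrip(".")
        labels = c.split(".")
        parents = [".".join(labels[i:]) for i in range(1, len(labels))]
        if not is_blocked(c, table, sink) and any(p in blocked for p in parents):
            leaks.append(c)
    return leaks


# Constructed hosts file: the usual localhost line, one internal server,
# and the generated block entries appended.
SAMPLE_HOSTS = "\n".join(
    ["127.0.0.1\tlocalhost", "192.0.2.10\tintranet.example.com  # internal server"]
    + build_hosts_entries(FORBIDDEN_HOSTS)
)

if __name__ == "__main__":
    table = parse_hosts(SAMPLE_HOSTS)
    for name in ["www.bad-host.org", "m.bad-host.org", "intranet.example.com"]:
        print(f"{name:24s} -> {resolve_with_hosts(name, table)}  blocked={is_blocked(name, table)}")
    print("uncovered:", uncovered_subdomains(["m.bad-host.org", "cdn.other.example"], table))
```

Run it and `m.bad-host.org` comes back unresolved by the hosts file, so the system falls through to normal DNS and the site loads. That is the concrete reason the reply rates the hosts-file trick as "not complete protection": it only catches names you listed literally, whereas a DNS-server override can answer for a whole domain and a proxy decides per request regardless of how the name resolved.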