LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   how to restrict web browsing in the local lan (http://www.linuxquestions.org/questions/linux-security-4/how-to-restrict-web-browsing-in-the-local-lan-91540/)

qmesbah 09-11-2003 03:05 AM

how to restrict web browsing in the local lan
 
i have 2 interface in my server local (192.168.0.1) & internet (Ethernet with real IP). services in the server are proxy, dns, web, mail. using ipchain as firewall. any one can help me to solve these problem -

1. how can i restrict some of my local user only from web browsing, but he will be able to send and receive mail.

2. how can i restrict some of my local user to send external mail but shloud be able to send internally and receive both internal nad external mail, i use sendmail.

phoeniXflame 09-11-2003 06:23 AM

Firstly I'd recommend upgrading your kernel as Iptables are now the prefered method of filtering, secondly, just write 2 rules to block incomming packets to your blocked users ip address with a source port of 80 (and 8080 to stop proxys)

qmesbah 09-12-2003 11:12 PM

thanks phoeniXflame

ppuru 09-13-2003 06:23 AM

qmesbah-moshai

What flavour and version of liGNUx do you use?

iptables is currently preferred over ipchains.

if you are using kernel 2.4, you can use iptables.

You had mentioned proxy in your post. I assume you are using SQUID. You can control web browsing using acls in squid.

qmesbah 09-14-2003 12:15 AM

thanks ppuru.
yeah 2.4 & squid.
i got the solution of my first question.
can any one help me to solve the second one.

unSpawn 09-16-2003 07:59 AM

2. how can i restrict some of my local user to send external mail but shloud be able to send internally and receive both internal nad external mail, i use sendmail.
Controlled relaying, I guess. Search LQ and Sendmail.org for posts/docs on relaying. After you've read those, adjust your /etc/mail config files, try, test, and post if any errors/questions occur.


All times are GMT -5. The time now is 05:21 AM.