LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   How to block web sites on a specific IP address ? (https://www.linuxquestions.org/questions/linux-server-73/how-to-block-web-sites-on-a-specific-ip-address-923612/)

gardenair 01-13-2012 10:02 AM
How to block web sites on a specific IP address ?
 
Hi,
I am using CENTOS 5.1 for squid server. I want to block a some sites like facebook on one specific IP address of my internal network. I know how to block sites but it will impliment on all ip addreses which is not good for top managament.For example to block sites for whole network following i do

Code:
acl banned_sites destdomain facebook.com youtube.com

acl our_networks src 192.168.1.0
http_access deny banned_sites
http_access allow our_networks
but my aim is to block these sites only on the IP address
192.168.1.50

Please guide me how can i block web sites on a specific IP.

thanks,
gardenair

TB0ne 01-13-2012 10:32 AM
Quote:
Originally Posted by gardenair (Post 4573676)
Hi,
I am using CENTOS 5.1 for squid server. I want to block a some sites like facebook on one specific IP address of my internal network. I know how to block sites but it will impliment on all ip addreses which is not good for top managament.For example to block sites for whole network following i do

Code:
acl banned_sites destdomain facebook.com youtube.com
acl our_networks src 192.168.1.0
http_access deny banned_sites
http_access allow our_networks
but my aim is to block these sites only on the IP address 192.168.1.50 Please guide me how can i block web sites on a specific IP.
The same way you block ANY IP in squid, as we've 'guided you' to before:
http://www.linuxquestions.org/questi...s-only-885565/

Create another ACL, put it in Squid, or add the IP address to the banned_sites list. Not much else to it. Again, reference the Squid docs.

gardenair 01-13-2012 11:03 AM
thanks "TB0ne" for the prompt reply. Well as to your reply and my previous post regarding to it if i do it the user can not access even google.com. I want that he should do normal browsing but can not open youtube or facebook.
yes will see Squid docs for more reference.

thanks,
gardenair

TB0ne 01-13-2012 11:27 AM
Quote:
Originally Posted by gardenair (Post 4573716)
thanks "TB0ne" for the prompt reply. Well as to your reply and my previous post regarding to it if i do it the user can not access even google.com. I want that he should do normal browsing but can not open youtube or facebook.
yes will see Squid docs for more reference.
Creating an ACL for banned sites has been VERY well documented. What part are you having problems with? And reading the documentation and doing basic research should be step one for ANY problem:

http://wiki.squid-cache.org/SquidFaq...ork.21__why.3F

gardenair 01-13-2012 11:58 AM
Really good help. Appreciate u.;)
gardenair

baronobeefdip 01-16-2012 03:23 PM
use a firewall, you can allow traffic from a specific website to pass to certain machines and block it from getting to other machines, the rulesets must be set as such. read up on IPTables or (to me which is easier) is OpenBSD Packet Filter where the ruleset syntax is a little easier, it hasn't been ported to linux but you can create a bridge from FreeBSD or OpenBSD (reccomend FreeBSD since settings are a little easier than OpenBSD)

Unless your users know how to do this you can block their MAC addresses since a DHCP server changes their IP addresses once the lease is expired, many security specialists don't reccomend this since MAC spoofing is possible but most computer users can't do it (requires a lot of work in Windows and some reading to do it in UNIX)

Good Luck

kanna411988 02-16-2012 12:57 AM
How to block the facebook for the particular ip address in squid.I am new to squid server......

deep27ak 02-16-2012 01:27 AM
Quote:
Originally Posted by kanna411988 (Post 4603722)
How to block the facebook for the particular ip address in squid.I am new to squid server......
You should not be posting here with a new question as the thread doesn't belongs to you

Kindly start a new thread with all the details like your distro and what all you have tried so far.

TB0ne 02-16-2012 09:23 AM
Quote:
Originally Posted by kanna411988 (Post 4603722)
How to block the facebook for the particular ip address in squid.I am new to squid server......
See the replies above. Read the squid documentation, since ACL's for blocking sites are very well documented.


All times are GMT -5. The time now is 02:38 AM.