Hi all. I'm new here. My name is John and i would like to ask a question.
I have installed a new Ubuntu 11.10 for a friend of mine who owns an Internet cafe. I have set up the "client" account but now i must restrict downloads for the clients at the cafe. The owner of that cafe doesn't want people to download anything on the web. Just browse and watch online videos like on youtube.
I am fairly new to linux and i would like to know how to proceed. If anyone could help, i would really appreciate it.

Thanks in advance

John

Hi John

The task you're going to tackle is a bit confusing See, the owner wanna forbid download, but allow browsing. The thing is, download is sometimes done using HTTP protocol. This is exactly the same protocol you use for browsing. So, you see the trouble, right?

But, at least you prevent the "other protocol" to get into action like FTP, bitTorrent etc. So, maybe the idea is putting something like these iptables rules in the internet cafe gateway/firewall/proxy:
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp --sport 80 -j ACCEPT
iptables -A INPUT -j REJECT

iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT
iptables -A OUTPUT -j REJECT

Those rules above means just allow connection to port 80 (HTTP), then drop the rest. Of course, you need to adjust it according to your real situation i.e adjust on which interface that faces the WAN and which one faces the LAN etc

Hope it helps...

1 members found this post helpful.

It worked! thanks so much!!!
JS

Hi John

You welcome, glad if I can help

PS: Care to give reputation point to me?

1 members found this post helpful.