Block user accessing http://10.0.0.5/hp/device/set_config.html
Centos 5.5 using iptables and squid with sqstat. User is behind my firewall trying to access out.
How do I prevent a user's printer application from trying to access "http://10.0.0.5/hp/device/set_config.html". Do I do it in iptables like this: Code:
-A INPUT -m tcp -p tcp -d 10.0.0.5 --dport 80 -j DROP |
I believe that if he is behind your firewall, and your firewall is using IPTABLES for control, then the line should be appended to OUTPUT. However, you would have to be careful to drop only his/her port 80 requests, though it would block all his port 80 requests.
Block all his/her port 80 requests going out would make them come ask why they can't access the Internet and then you could figure out what's going on. That is the sledgehammer approach. |
If they are accessing the IP through Squid, use a Squid ACL, like:
Code:
acl printer dst 10.0.0.5/32 Code:
iptables -I FORWARD -d 10.0.0.5 -j DROP |
Thanks
Sorry for the late response, was a public holiday yesterday in South Africa so I did not come to work.
Thanks tardis1 for your input. However win32sux's suggestion solved my problem. Thanks win32sux! |
All times are GMT -5. The time now is 07:29 PM. |