LinuxQuestions.org
Old 12-15-2010, 06:56 AM   #1
ledpepper
LQ Newbie
 
Registered: Dec 2010
Posts: 10

Rep: Reputation: 0
Block user accessing http://10.0.0.5/hp/device/set_config.html


CentOS 5.5 using iptables and squid with sqstat. User is behind my firewall trying to access out.

How do I prevent a user's printer application from trying to access "http://10.0.0.5/hp/device/set_config.html"?


Do I do it in iptables like this:

Code:
-A INPUT -m tcp -p tcp -d 10.0.0.5 --dport 80 -j DROP
When I view sqstat his IP is hitting squid with 20 connections. What I would like to do is block all attempts to access 10.0.0.5 from behind the firewall.
 
Old 12-15-2010, 08:37 AM   #2
tardis1
LQ Newbie
 
Registered: Sep 2010
Location: Texas
Distribution: Ubuntu Server lucid, Ubuntu Desktop maverick
Posts: 15

Rep: Reputation: 0
I believe that if he is behind your firewall, and your firewall is using IPTABLES for control, then the line should be appended to OUTPUT. However, you would have to be careful to drop only his/her port 80 requests, though it would block all his port 80 requests.

Blocking all his/her port 80 requests going out would make them come ask why they can't access the Internet, and then you could figure out what's going on. That is the sledgehammer approach.
 
Old 12-15-2010, 04:00 PM   #3
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380
If they are accessing the IP through Squid, use a Squid ACL, like:
Code:
acl printer dst 10.0.0.5/32
http_access deny printer
...but if they're going through the firewall/router, you'll need to use the FORWARD chain, like:
Code:
iptables -I FORWARD -d 10.0.0.5 -j DROP
...and really, you might wanna do both.
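
Added example, not part of any post in this thread: a small shell model of which filter-table chain on the firewall sees each packet, showing why a rule's chain has to match the path the traffic takes (routed directly, or fetched by Squid on the firewall itself). Only 10.0.0.5 comes from the thread; the firewall and client addresses are constructed, and the printer is assumed to sit on the far side of the firewall from the client.

```shell
#!/bin/sh
# Constructed topology for illustration; only PRINTER is taken from the thread.
FW_LAN="192.168.1.1"            # assumed: firewall/Squid box, LAN side
FW_WAN="10.0.0.1"               # assumed: firewall/Squid box, far side
FW_ADDRS="$FW_LAN $FW_WAN"
CLIENT="192.168.1.50"           # assumed: the user's PC behind the firewall
PRINTER="10.0.0.5"              # destination named in the thread

# is_local ADDR: succeeds if ADDR is one of the firewall's own addresses.
is_local() {
    for a in $FW_ADDRS; do
        [ "$a" = "$1" ] && return 0
    done
    return 1
}

# chain_for SRC DST: print the filter chain the packet traverses on the firewall.
# (Loopback traffic from the box to itself is not modelled.)
chain_for() {
    if is_local "$2"; then echo INPUT       # addressed to the box itself
    elif is_local "$1"; then echo OUTPUT    # generated by the box (e.g. Squid)
    else echo FORWARD                       # routed through the box
    fi
}

# rule_matches CHAIN RULE_DST SRC DST:
# would "-A CHAIN -d RULE_DST -j DROP" ever see the packet SRC -> DST?
rule_matches() {
    [ "$(chain_for "$3" "$4")" = "$1" ] && [ "$2" = "$4" ]
}

# report: the two paths discussed in the thread, leg by leg.
report() {
    echo "direct : client -> printer  $(chain_for "$CLIENT" "$PRINTER")"
    echo "proxied: client -> squid    $(chain_for "$CLIENT" "$FW_LAN")"
    echo "proxied: squid  -> printer  $(chain_for "$FW_WAN" "$PRINTER")"
}
report
```

In this model a rule with `-d 10.0.0.5` in INPUT matches neither path, a FORWARD rule matches only the routed path, and the proxied request reaches the printer from the firewall itself, which is where the Squid ACL applies.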
 
Old 12-17-2010, 01:36 AM   #4
ledpepper
LQ Newbie
 
Registered: Dec 2010
Posts: 10

Original Poster
Rep: Reputation: 0
Thanks

Sorry for the late response, was a public holiday yesterday in South Africa so I did not come to work.

Thanks tardis1 for your input. However win32sux's suggestion solved my problem. Thanks win32sux!
 
  


All times are GMT -5.
