firewall internet restriction
Dear all,
I am using White Box linux and i want to restrict people to use internet as well as dowload. Please tell me how to do ? i don't want to go for squid. I want to do in Shorewall. Is there any chance in shorewall? Please guide me shogun |
squid crashing
i think you may check size of partation where your log files are stored. Acess.log,store.log some time lack of space cause to responding squid.
df -l |
To be honest, using a transparent proxy like squid or dansguardian is definitely the easiest way to do this. But you can kind of hack together a solution using iptables and restricting which IP addresses an internal system can connect to. Could you be a bit more specific about what you are trying to do, like limit browsing to a handfull of sites? Restrict only a handfull of sites? Block content by keyword? Are the users browsing from the Whitebox machine or are they on internal machines using the Whitebox system as a firewall/gateway?
|
i want to restrict downloads (like mp3, jpg, metacafe.com, limeware etc...). Secondly i want to give browsing restriction to the users as well as chatting also.
hari |
what shorewall does not do
Just want to add that Shorewall, great as it is, will not do any of this. Cut and paste from www.shorewall.net:
Shorewall Does not: Act as a “Personal Firewall” that allows internet access by application. Work with an Operating System other than Linux (version >= 2.4.0) Act as a Proxy (although it can be used with a separate proxy such as Squid or Socks). Do content filtering: HTTP - better to use Squid and Dansguardian for that. Email -- Install something like Postfix on your firewall and integrate it with SpamAssassin , Amavisd-new and Clamav Configure/manage Network Devices (your Distribution includes tools for that). I am fiddling with something similar as hariiyer as an add-in on my current gateway (which is basically shorewall) and it seems squid will do the job...... |
All times are GMT -5. The time now is 08:29 PM. |