Dear all,


I am using White Box linux and i want to restrict people to use internet as well as dowload. Please tell me how to do ? i don't want to go for squid. I want to do in Shorewall. Is there any chance in shorewall? Please guide me


shogun

i think you may check size of partation where your log files are stored. Acess.log,store.log some time lack of space cause to responding squid.

df -l

To be honest, using a transparent proxy like squid or dansguardian is definitely the easiest way to do this. But you can kind of hack together a solution using iptables and restricting which IP addresses an internal system can connect to. Could you be a bit more specific about what you are trying to do, like limit browsing to a handfull of sites? Restrict only a handfull of sites? Block content by keyword? Are the users browsing from the Whitebox machine or are they on internal machines using the Whitebox system as a firewall/gateway?

i want to restrict downloads (like mp3, jpg, metacafe.com, limeware etc...). Secondly i want to give browsing restriction to the users as well as chatting also.

hari

Just want to add that Shorewall, great as it is, will not do any of this. Cut and paste from www.shorewall.net:

Shorewall Does not:



Act as a “Personal Firewall” that allows internet access by application.


Work with an Operating System other than Linux (version >= 2.4.0)


Act as a Proxy (although it can be used with a separate proxy such as Squid or Socks).


Do content filtering:


HTTP - better to use Squid and Dansguardian for that.


Email -- Install something like Postfix on your firewall and integrate it with SpamAssassin , Amavisd-new and Clamav

Configure/manage Network Devices (your Distribution includes tools for that).

I am fiddling with something similar as hariiyer as an add-in on my current gateway (which is basically shorewall)
and it seems squid will do the job......