If you are using masquerading try using the FORWARD channel instead of INPUT.
The rules are: iptables -A FORWARD -p tcp -s 192.168.1.5 -d 206.132.214.10 -j ACCEPT iptables -A FORWARD -p tcp -s 192.168.1.5 -d 207.218.164.15 -j ACCEPT iptables -A FORWARD -p tcp -s 192.168.1.5 -j DROP I think this should work if you have a fixed adress assigned on your son's computer and you are not using a proxy. |
Wow! The simpliest things sometimes...
FORWARD fixed it! Thanks for all your help. |
Well, it works to block, but not for my wife.
The targeted computer uses WinXP. I hardcoded her IP under her login to a different IP and she could go anywhere. But when I rebooted and went into my son's account, he had the hard-coded IP, not the DHCP IP, so he could go anywhere. So I need to find a way to assign an IP depending on which account is logged on. Any ideas? |
I suggest to run scrips for each user profile on your xp computer. Those scripts will assign a different static IP for each user that logs in.
I'm not good at windows scripting but here is a script that claims to do just that: http://www.enterpriseitplanet.com/re...le.php/3082511 If you solved this let me know some details :) P.S. at the end of that script insert an "end if". On my computer that scripd didn't find the SWbemLocator object. Maybe it should be installed form Microsoft. |
I've never used cscript....can you point me to some help on that?
|
I was able to do it (thanks to CPLUG Lisa) with a batch file in All Users startup:
@echo off if "%username%" == "wife" GOTO :wife echo "NOT wife" netsh interface ip set address "Local Area Connection" static 192.168.XXX.XXX 255.255.255.0 192.168.XXX.XXX 1 GOTO :end :wife echo "wife" netsh interface ip set address "Local Area Connection" static 192.168.xxx.yyy 255.255.255.0 192.168.xxx.xxx 1 :end If anyone other than wife logs on, they get the restricted IP, each internet site approved must be in the firewall script. If it is not, no page loads...someday I will try to make a default page load saying, "Access Restricted....see Dad" Wife can go anywhere...for now! |
All times are GMT -5. The time now is 08:08 PM. |