LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 06-06-2004, 01:31 AM   #16
rocordial
LQ Newbie
 
Registered: May 2004
Location: Romania, Europe
Distribution: Slackware 8.1
Posts: 28

Original Poster
Rep: Reputation: 15

If you are using masquerading try using the FORWARD channel instead of INPUT.

The rules are:

iptables -A FORWARD -p tcp -s 192.168.1.5 -d 206.132.214.10 -j ACCEPT
iptables -A FORWARD -p tcp -s 192.168.1.5 -d 207.218.164.15 -j ACCEPT
iptables -A FORWARD -p tcp -s 192.168.1.5 -j DROP

I think this should work if you have a fixed adress assigned on your son's computer and you are not using a proxy.
 
Old 06-06-2004, 02:12 AM   #17
fuzzie
LQ Newbie
 
Registered: Mar 2003
Posts: 10

Rep: Reputation: 0
Wow! The simpliest things sometimes...
FORWARD fixed it!

Thanks for all your help.
 
Old 06-06-2004, 08:33 AM   #18
fuzzie
LQ Newbie
 
Registered: Mar 2003
Posts: 10

Rep: Reputation: 0
Well, it works to block, but not for my wife.
The targeted computer uses WinXP. I hardcoded her IP under her login to a different IP and she could go anywhere.
But when I rebooted and went into my son's account, he had the hard-coded IP, not the DHCP IP, so he could go anywhere.

So I need to find a way to assign an IP depending on which account is logged on.

Any ideas?
 
Old 06-06-2004, 10:34 AM   #19
rocordial
LQ Newbie
 
Registered: May 2004
Location: Romania, Europe
Distribution: Slackware 8.1
Posts: 28

Original Poster
Rep: Reputation: 15
I suggest to run scrips for each user profile on your xp computer. Those scripts will assign a different static IP for each user that logs in.

I'm not good at windows scripting but here is a script that claims to do just that:

http://www.enterpriseitplanet.com/re...le.php/3082511

If you solved this let me know some details

P.S. at the end of that script insert an "end if". On my computer that scripd didn't find the SWbemLocator object. Maybe it should be installed form Microsoft.
 
Old 06-06-2004, 02:51 PM   #20
fuzzie
LQ Newbie
 
Registered: Mar 2003
Posts: 10

Rep: Reputation: 0
I've never used cscript....can you point me to some help on that?
 
Old 06-06-2004, 06:58 PM   #21
fuzzie
LQ Newbie
 
Registered: Mar 2003
Posts: 10

Rep: Reputation: 0
I was able to do it (thanks to CPLUG Lisa) with a batch file in All Users startup:
@echo off
if "%username%" == "wife" GOTO :wife
echo "NOT wife"
netsh interface ip set address "Local Area Connection" static 192.168.XXX.XXX 255.255.255.0 192.168.XXX.XXX 1
GOTO :end
:wife
echo "wife"
netsh interface ip set address "Local Area Connection" static 192.168.xxx.yyy 255.255.255.0 192.168.xxx.xxx 1
:end

If anyone other than wife logs on, they get the restricted IP, each internet site approved must be in the firewall script. If it is not, no page loads...someday I will try to make a default page load saying, "Access Restricted....see Dad"

Wife can go anywhere...for now!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
A. how to permit more then one user to access a file mudasar Linux - Networking 2 11-20-2005 01:19 PM
measure the network speed between a wifi station and access point powah Linux - Wireless Networking 1 08-19-2005 11:35 AM
can only access apache website from within network kubrickfan799 Linux - Networking 3 08-10-2004 06:33 PM
Netgear router blocking website when using internal network esteeven Linux - Networking 8 09-30-2003 07:48 AM
Internal Network access is slow SkullOne Linux - Networking 4 02-07-2003 03:22 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 12:27 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration