Guest beeson Posted November 4, 2008 Report Share Posted November 4, 2008 Hi all, Mandriva 2009. average noob here, I'm new to Linux but we originally set it up here in our office (about 10 Windows XP users) to use as a file server. The Samba works great. Since then we've started using it as an internet gateway also to share our cable modem connection. Internet goes in Eth1 and out Eth0 to the hub. We use the firewall to deny certain employees access to things like http and gnutella BUT still allow them to access SMTP and IM (because we use IM in the office.) Other employees who don't abuse the internet get to keep http and gnutella. BTW I use Firestarter to control the firewall. What I want to know is there a way I can say a specific lan IP (Example: 192.168.2.100) is denied a connection to Myspace.com. I don't want to block myspace.com for all employees because not ALL employees abuse the privilege of moderate internet use during breaks and lunch and such. I would like to be able to do this WITH firestarter because I'm not so great in the CLI, but if I have to use the CLI is there a way to make that change there but still keep firestarter, or will I have to through out firestarter all together and start editing the IPTABLES by hand all the time? Thanks in Advance! Beeson Quote Link to comment Share on other sites More sharing options...
aioshin Posted November 4, 2008 Report Share Posted November 4, 2008 there are lots of free proxy or ip cloaking site out there that anyone can use to be allowed to access what they want to access, so blocking a specific IP source thou possible but still be able to bypass. On my experience, its better to setup a proxy server with squidguard, its another story though but just my suggestion. It can be administered via webmin, so you dont need to cli. try to google squid + squidguard + webmin. Then you should configure your gateway to do transparent proxy. Quote Link to comment Share on other sites More sharing options...
ianw1974 Posted November 4, 2008 Report Share Posted November 4, 2008 I'm not sure squidguard is maintained anymore. But dansguardian works right out of the box with squid and is currently maintained. Quote Link to comment Share on other sites More sharing options...
Guest beeson Posted November 6, 2008 Report Share Posted November 6, 2008 I'm not sure squidguard is maintained anymore. But dansguardian works right out of the box with squid and is currently maintained. So setup up squid in conjunction with dansguardian, and I can access that remotely vai webmin on an apache server? Quote Link to comment Share on other sites More sharing options...
ianw1974 Posted November 7, 2008 Report Share Posted November 7, 2008 you would only need webmin, no need to install apache unless you were running a web server as well. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.