Linux-Noob Forums

Full Version: Internet Access
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Hi,

 

I was curious on how you could limit users surfing the Internet, I found KobrAs's guide useful :)

I setup a group called Internet and assigned users to it and apply this to my iptable

 



Code:
iptables -t filter -A OUTPUT -p tcp -dport 80 --match owner --gid-owner 501 -j DROP




 

This worked great, but I was wondering if you had your users logging in all over your network

using LDAP, How could you make these rules apply still?


Quote:I found KobrAs's guide useful
 

which guide is that ? i'd like to read it

 

cheers

 

anyweb


Quote:Hi, 

I was curious on how you could limit users surfing the Internet, I found KobrAs's guide useful  :)

I setup a group called Internet and assigned users to it and apply this to my iptable

 



Code:
iptables -t filter -A OUTPUT -p tcp -dport 80 --match owner --gid-owner 501 -j DROP

<div>


 

This worked great, but I was wondering if you had your users logging in all over your network

using LDAP, How could you make these rules apply still?

</div>
 

[img]<___base_url___>/uploads/emoticons/default_dry.png[/img] .. how about proxy the users... and only allow the proxy through?

Yea, I been told there is a proxy enviroment varable which I can set.
no you want to setup a proxy for your clients to get through.. for example you drop all outbound traffic on port 80 on your firewall but from your proxy machine. Then load up squid on it and you can have people login in order to get access to the web.. then i think in squid you can do some sort of QOS and traffic shaping
yea I was looking at squid hijinks, I may have a go at messing with it