Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Internet Access
#1

Hi,

 

I was curious on how you could limit users surfing the Internet, I found KobrAs's guide useful :)

I setup a group called Internet and assigned users to it and apply this to my iptable

 



Code:
iptables -t filter -A OUTPUT -p tcp -dport 80 --match owner --gid-owner 501 -j DROP




 

This worked great, but I was wondering if you had your users logging in all over your network

using LDAP, How could you make these rules apply still?

Reply
#2

Quote:I found KobrAs's guide useful
 

which guide is that ? i'd like to read it

 

cheers

 

anyweb

Reply
#3

[/url][url=<___base_url___>/index.php...&hl=MySQL+block][/url][url=<___base_url___>/index.php...&hl=MySQL+block]https://www.linux-noob.com/forums/index.php...&hl=MySQL+block
Reply
#4

Quote:Hi, 

I was curious on how you could limit users surfing the Internet, I found KobrAs's guide useful  :)

I setup a group called Internet and assigned users to it and apply this to my iptable

 



Code:
iptables -t filter -A OUTPUT -p tcp -dport 80 --match owner --gid-owner 501 -j DROP

<div>


 

This worked great, but I was wondering if you had your users logging in all over your network

using LDAP, How could you make these rules apply still?

</div>
 

[img]<___base_url___>/uploads/emoticons/default_dry.png[/img] .. how about proxy the users... and only allow the proxy through?

Reply
#5
Yea, I been told there is a proxy enviroment varable which I can set.
Reply
#6
no you want to setup a proxy for your clients to get through.. for example you drop all outbound traffic on port 80 on your firewall but from your proxy machine. Then load up squid on it and you can have people login in order to get access to the web.. then i think in squid you can do some sort of QOS and traffic shaping
Reply
#7
yea I was looking at squid hijinks, I may have a go at messing with it
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)