
blocking the sites and particular IPs


Rakesha_a:
Hi all,
I have Red Hat Linux 7.2 with Squid. Actually, I don't have much exposure to Linux. I have to restrict some sites and IPs. How can I do that?
Also, tell me about scheduling. Suppose IP 192.168.0.143 should be allowed only between 10 and 12 am.

Please guide me in detail.

Thank you!

Ricky:
For blocking sites and IPs you can use both Squid and iptables.

First of all, you have to remove ipchains (used before iptables in earlier versions) and load iptables on your system. Run the following commands (all commands are to be executed separately, and the lines with '#' are for description):

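--- Code: ---
# Stop ipchains from starting at boot
chkconfig --del ipchains

# Register iptables to start at boot
chkconfig --add iptables

# Flush the existing ipchains rules
ipchains -F

# Stop the ipchains service
service ipchains stop

# Unload the ipchains kernel module
rmmod ipchains

# Start iptables
service iptables start
--- End code ---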
I mention these because Red Hat shipped ipchains as the default in earlier versions.

Now, to block sites using Squid, see this post by me:
http://www.linuxsolved.com/forums/viewtopic.php?t=155

Also, to block specific IPs you can use the following in squid.conf.
Say we have to block 192.168.0.7 and 192.168.0.12:

--- Code: ---
acl badips src 192.168.0.7 192.168.0.12
# This line must come before any "http_access allow" line that matches these clients
http_access deny badips
--- End code ---
Here "badips" is the word I have chosen; you can use anything else.

Now, to block some IPs using iptables.
Say we have to block 192.168.0.21:

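--- Code: ---
# Drop everything arriving at this machine from 192.168.0.21
iptables -I INPUT -s 192.168.0.21 -j DROP

# Drop forwarded traffic going to domain.com
# (the name is resolved to IP addresses once, when the rule is added)
iptables -A FORWARD -d domain.com -j DROP
--- End code ---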

Since you are using RH 7.2, you can save all iptables rules in a text file such as "rc.nat", put that file in /etc/rc.d/ and then make it executable with:

--- Code: ---
chmod 755 <full filename with path>
--- End code ---
Now open your /etc/rc.d/rc.local and add the path to your script file; here it should be:

--- Code: ---
/etc/rc.d/rc.nat
--- End code ---
Now every time you boot your Linux it will get executed automatically.

Lastly, all your questions have already been answered here. You can also use the Search feature, and if you are unable to find an answer then you can always post.

Ricky:
By the way, I just forgot about the scheduling thing. See this post of mine: http://www.linuxsolved.com/forums/viewtopic.php?t=166
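
Added example (not part of the original posts): a squid.conf fragment that combines the IP block from the answer with the time-limited access asked about in the question, using Squid's `time` ACL type. Every ACL name except `badips`, the 192.168.0.0/24 LAN range and the `.blocked.example` domain are assumptions made for illustration; `http_access` lines are checked top to bottom and the first match decides, so the deny rules come before the allow rules.

```conf
# --- ACL definitions (names are arbitrary labels) ---

# Clients that must never use the proxy (addresses from the thread)
acl badips src 192.168.0.7 192.168.0.12

# The client that may browse only in a fixed window (address from the question)
acl timed_host src 192.168.0.143

# 10:00 to 12:00, every day; the window uses the proxy server's local clock
acl morning time 10:00-12:00

# Assumption: the rest of the LAN is 192.168.0.0/24
acl lan src 192.168.0.0/255.255.255.0

# Constructed placeholder for a site to block; the leading dot also matches subdomains
acl blocked_sites dstdomain .blocked.example

# Matches every client; used for the final default-deny rule
acl everyone src 0.0.0.0/0.0.0.0

# --- Access rules: first matching line wins ---

# 1. Blocked clients are refused before any allow rule can match them
http_access deny badips

# 2. Blocked sites are refused for everyone
http_access deny blocked_sites

# 3. 192.168.0.143 is allowed only while the "morning" ACL is true
#    (two ACLs on one line are ANDed together) ...
http_access allow timed_host morning

# 4. ... and explicitly refused at any other time, so rule 5 cannot let it through
http_access deny timed_host

# 5. Everyone else on the LAN
http_access allow lan

# 6. Default deny for anything not matched above
http_access deny everyone
```

After editing, `squid -k parse` checks the file for syntax errors and `squid -k reconfigure` makes a running Squid reload it.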
