Linux Forums - Linux Help,Advice & support community:LinuxSolved.com
Network Troubleshooting => Linux Proxy Server Support => Topic started by: ramchauhan on December 12, 2008, 10:37:15 AM
-
Scenario:
I write an ACL to restrict a site, say xxx.com, and this works perfectly. But I can bypass this ACL simply by typing the IP address of xxx.com.
How do I handle such a situation?
Regards
Ram.
-
I guess Squid can block remote domains only; IP-based blocking of websites is not there. Anyway, you can still use iptables to block the IP of a website.
Use the following:
iptables -I INPUT -s XXX.XXX.XXX.XXX -j DROP
where xxx.xxx.xxx.xxx stands for the IP of the website.
-
Thanks, Ricky, for your prompt reply.
But the scenario was only an example. What if I want to block an entire category of porn sites?
The blacklist which I have contains around lacs of entries, and all are blocked when one tries to access them. Keying in the IP of any restricted domain will allow it.
Regards
Ram.
-
Well, yes, it will allow it if accessed directly via IP.
I guess you can only block the frequently accessed ones via IP; blocking the rest should be done via Squid "word" filtering.
-
Thanks, Ricky.
What I was thinking is that there has to be a way wherein, if an IP is keyed in to access a website, it is first resolved to its domain name; if this is achieved, the site will be blocked as it is in the ACL. UTMs like Cyberoam, Sonicwall and Fortigate are easily doing this.
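-
The check described in the last post (resolve a keyed-in IP back to a name, then apply the domain blacklist), as an added example that is not from the thread or from Squid itself. The blacklist entries, the PTR table and all function names are constructed for illustration; the reverse resolver is passed in so the logic runs offline.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Constructed sample blacklist; a real one would be loaded from the list file.
BLOCKED_DOMAINS = {"xxx.com", "blocked.example"}

def extract_host(target):
    """Return the host from a URL or a CONNECT-style host:port target."""
    if "://" not in target:
        target = "//" + target
    return (urlsplit(target).hostname or "").rstrip(".").lower()

def domain_blocked(name, blocked=BLOCKED_DOMAINS):
    """Suffix match: 'www.xxx.com' matches the entry 'xxx.com'."""
    labels = name.rstrip(".").lower().split(".")
    return any(".".join(labels[i:]) in blocked for i in range(len(labels)))

def system_ptr(ip):
    """Reverse lookup via the system resolver; None when no PTR exists."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def decide(target, resolve_ptr=system_ptr, blocked=BLOCKED_DOMAINS):
    """Return 'ALLOW' or 'DENY' for a requested URL or host:port."""
    host = extract_host(target)
    if not host:
        return "DENY"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # Ordinary hostname: plain blacklist lookup.
        return "DENY" if domain_blocked(host, blocked) else "ALLOW"
    name = resolve_ptr(str(ip))
    # Fail closed: an IP with no reverse name cannot be checked against the list.
    if name is None or domain_blocked(name, blocked):
        return "DENY"
    return "ALLOW"

if __name__ == "__main__":
    # Constructed PTR table standing in for real reverse DNS.
    ptr = {"203.0.113.10": "www.xxx.com", "198.51.100.7": "mirror.example.org"}.get
    for t in ("http://xxx.com/", "http://203.0.113.10/", "198.51.100.7:443", "http://192.0.2.55/"):
        print(t, decide(t, ptr))
```

A PTR record is set by whoever operates the IP address and often names the hosting provider rather than the site, so a reverse lookup can return a name that is not on the blacklist. That is why the example denies IP requests with no reverse name instead of letting them through.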