[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Forbidding or not access to webpages of network users
- To: DSA - JCR <juancr_(_at_)_dsa_(_dot_)_es>
- Subject: Re: Forbidding or not access to webpages of network users
- From: Kevin Kinsey <kdk_(_at_)_daleco_(_dot_)_biz>
- Date: Wed, 11 Apr 2007 07:42:42 -0500
- Cc: freebsd-questions_(_at_)_freebsd_(_dot_)_org
DSA - JCR wrote:
Hi all in this list
I want to know if there is a way to forbid to network users the access to
The example, I work in an enterprise in which several users are accesing
to webpages others than the enterprise's own.
I want that the users can only access to the the webpages and services of
the enterprise, but also that 2 PC can access everywhere (the boss ones).
Can I make it with FreeBSD? How? I have read the Firewall handbook pages,
but i don't know exactly if i can do it with PF, IPF or IPFW (or something
A common solution is to install a proxy server (such as Squid [/usr/ports/www/squid])
and set the firewall to not allow traffic from any machines out to the WWW except
the proxy server.
Squid can utilize "Access Control Lists"; here's a statement from my "squid.conf":
acl banned_sites url_regex -i "/etc/banned/porn"
http_access deny banned_sites
acl banned_sites2 url_regex -i "/etc/banned/games"
http_access deny banned_sites2
You can also have an "allow only" list and deny all other requests.
My users are W2K.
On the otherhand, I think this is a common problem, isn't it? ;D
For many people, yes.
Rules for Academic Deans:
(2) If they find you, LIE!!!!
-- Father Damian C. Fandal
freebsd-questions_(_at_)_freebsd_(_dot_)_org mailing list
To unsubscribe, send any mail to "freebsd-questions-unsubscribe_(_at_)_freebsd_(_dot_)_org"
Visit your host, monkey.org