Re: Host blocking - Jason Opperisano

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Jason Opperisano <opie@817west.com>
To: netfilter@lists.netfilter.org
Subject: Re: Host blocking
Date: Tue, 17 May 2005 09:14:15 -0400	[thread overview]
Message-ID: <20050517131415.GA844@bender.817west.com> (raw)
In-Reply-To: <003b01c55acb$841114a0$f00aa9c0@winxp>

On Tue, May 17, 2005 at 01:30:58PM +0300, Wennie V. Lagmay wrote:
> Our ISP's Proxy server is proxy.ISP.net , our company's own proxy server is 
> proxy.ourcompany.net. Our own proxy server has delay_pool but our ISP proxy 
> server dont have. I want to control our client to use only our company 
> proxy server. how can I block the proxy.ISP.net using IP tables so that 
> every body can be force to use our compnay proxy server. (note that our 
> company proxy server is connected to our ISP proxy server as cache_peer 
> parent)

assuming your company proxy server is on a different machine than the
firewall:


  iptables -A FORWARD -p tcp --syn -s proxy.ourcompany.net \
    -d proxy.ISP.net --dport $PROXY_PORT -j ACCEPT

  # assuming your internal machines are allowed unfettered access
  # to the internet

  iptables -A FORWARD -p tcp --syn -d proxy.ISP.net -j DROP

-j

--
"Guy on Street #2: It's 3:00. Where the hell is Louie?
 Guy on Street #1: Well, you tell me. Louie left his house at 2:15 and
 had to travel a distance 6.2 miles traveling at a rate of five miles a
 hour. When will Louie get here? 
 Guy On Street #2: Depends if he stops to see his ho. 
 Guy on Street #1: That's what we call a "variable"."
        --Family Guy

next prev parent reply	other threads:[~2005-05-17 13:14 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-05-17 10:30 Host blocking Wennie V. Lagmay
2005-05-17 11:12 ` Jörg Harmuth
2005-05-17 13:09 ` Askar
2005-05-17 13:17   ` wlagmay
2005-05-17 13:14 ` Jason Opperisano [this message]
2005-05-17 13:39   ` Wennie V. Lagmay
2005-05-17 13:44     ` Jason Opperisano
2005-05-17 13:50       ` Wennie V. Lagmay
2005-05-18  7:09   ` Wennie V. Lagmay
2005-05-18 15:08     ` Jason Opperisano
2005-05-19  4:10       ` Wennie V. Lagmay
2005-05-19 18:38         ` Jason Opperisano
2005-05-17 16:06 ` Taylor, Grant

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20050517131415.GA844@bender.817west.com \
    --to=opie@817west.com \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.