From mboxrd@z Thu Jan 1 00:00:00 1970 From: Jandre Olivier Date: Thu, 19 Jan 2006 12:18:24 +0000 Subject: Re: [LARTC] Allowing certain IP to browse Message-Id: <43CF8390.20600@megaserve.net> List-Id: References: <1247.192.168.35.14.1137669461.squirrel@webmail.satconet.com> In-Reply-To: <1247.192.168.35.14.1137669461.squirrel@webmail.satconet.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org howdy, iptables will help u here for starters /sbin/iptables -A FORWARD -s 192.168.x.2/32 -p tcp --dport 80 -j ACCEPT /sbin/iptables -A FORWARD -s 192.168.x.2/32 -p tcp --dport 25 -j ACCEPT /sbin/iptables -A FORWARD -s 192.168.x.2/32 -j DROP similiar setup for the rest, this is not very clean though, might want to create subnets for each network and put them in seperate network cards in your linux box to physicly segment the networks, then you have control Lata J andrew.goodluck@intafrica.com wrote: > Hi all, > Need your input of the following: > I have a linux box(firewall) > -I want to restric some users not to browse but send emails only > Example: 192.168.x.2 up to 192.168.X.45 to send emails and browse, while > the rest(192.168.X.46 to 192.168.X.254) to send emails only. How do I do > that? > thanx > Andy > > _______________________________________________ > LARTC mailing list > LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc -- /*---------------------------------------------------------------------*/ __ _ ---------- / / (_)__ __ ____ __ --------- ------- / /__/ / _ \/ // /\ \/ / -------- ---- /____/_/_//_/\_,_/ /_/\_\ ------ localhost@localdomain.za.net _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc