From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Shaheen Hossain" <shaheen@o2oSoft.com>
Date: Fri, 27 Dec 2002 13:13:45 +0000
Subject: [LARTC] restricting MAC or IPs using IPTABLES in Linux 7.3
MIME-Version: 1
Content-Type: multipart/mixed; boundary="----=_NextPart_000_0014_01C2ADDC.138AA960"
Message-Id: <marc-lartc-104099495212424@msgid-missing>
List-Id: <lartc.vger.kernel.org>
To: lartc@vger.kernel.org

This is a multi-part message in MIME format.

------=_NextPart_000_0014_01C2ADDC.138AA960
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

RH Linux 7.3, 2.4 Kernel

I am trying to force all of my LAN users to go through a SQUID =
(2.4Stable1) proxy I have setup. And I thought I would be able to use =
iptables to deny services to all asking for PORT 80 or 8080 for web =
browsing. They should be using SQUID (certain IP, certain port # given) =
for that.=20

For all other ports, I would only allow certain IP addresses or certain =
MAC addresses to go through.

1. Can I force (allowable MAC or IPs) to use proxy (SQUID) for web =
browsing?
2. For non-web browsing activities, can I also restrict non-allowed MAC =
or IPs?

Please give me or point me towards some specific examples on these two =
tasks if you would. Thanks
------=_NextPart_000_0014_01C2ADDC.138AA960
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2800.1106" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>
<DIV><FONT face=3DArial size=3D2>RH Linux 7.3, 2.4 Kernel</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>I am trying to force all of my LAN =
users to go=20
through a SQUID (2.4Stable1) proxy I have setup. And I thought I would =
be able=20
to use iptables to deny services to all asking for PORT 80 or 8080 for =
web=20
browsing. They should be using SQUID (certain IP, certain port # given) =
for=20
that. </FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>For all other ports, I would only allow =
certain IP=20
addresses or certain MAC addresses to go through.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>1. Can I force (allowable MAC or IPs) =
to use proxy=20
(SQUID) for web browsing?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>2. For non-web browsing activities, can =
I also=20
restrict non-allowed MAC or IPs?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>Please give me or point me towards some =
specific=20
examples on these two tasks if you would.=20
Thanks</FONT></DIV></FONT></DIV></BODY></HTML>

------=_NextPart_000_0014_01C2ADDC.138AA960--

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/