advance filtering

advance filtering

[Info]

Hi list,

I have a lan with 32 PCs and a Redhat 7.3 (192.168.1.1) running IPTABLES to
route the lan into the internet. I am using a ASDL dymanic internet service
and RP-PPPOE. I would like to block the network from connecting to MSN and
AIM. At the same time, allow every machine to access to the mail server
outside of the lan. Most of these machines will not have access to surf the
internet. For example, 192.168.1.2 - 192.168.1.10 will have full access out
of the lan into the internet. 192.168.1.11 - 192.168.1.32 has only access to
the mail server.

Has anyone got a working script, a faq or even tutorial which i can read up
on?


Thanks and regards

Re: advance filtering

[John A. Sullivan III]

There is an excellent tutorial by Oskar Andreasson available on the
Netfilter web site.  There is a slide show in the training section of
http://iscs.sourceforge.net.  You can probably do this through a GUI
configuration tool such as fwbuilder (http://www.fwbuilder.org).  When
ISCS is completed, you will have a very powerful way to configure Access
Control, VPN and Routing for very complex and frequently changing
environments.  Good luck - John

On Mon, 2004-01-12 at 14:49, Info wrote:
> Hi list,
> 
> I have a lan with 32 PCs and a Redhat 7.3 (192.168.1.1) running IPTABLES to
> route the lan into the internet. I am using a ASDL dymanic internet service
> and RP-PPPOE. I would like to block the network from connecting to MSN and
> AIM. At the same time, allow every machine to access to the mail server
> outside of the lan. Most of these machines will not have access to surf the
> internet. For example, 192.168.1.2 - 192.168.1.10 will have full access out
> of the lan into the internet. 192.168.1.11 - 192.168.1.32 has only access to
> the mail server.
> 
> Has anyone got a working script, a faq or even tutorial which i can read up
> on?
> 
> 
> Thanks and regards
-- 
John A. Sullivan III
Chief Technology Officer
Nexus Management
+1 207-985-7880
john.sullivan@nexusmgmt.com