Re: dhcp windows client port (nfcan: addressed to exclusive sender for this address)

Linux Netfilter discussions
 help / color / mirror / Atom feed

From: Jim Laurino <nfcan.x.jimlaur@dfgh.net>
To: netfilter@lists.netfilter.org
Subject: Re: dhcp windows client port (nfcan: addressed to exclusive sender for this address)
Date: Sat, 12 Nov 2005 22:13:35 -0500	[thread overview]
Message-ID: <20051113031335.GC28723@salty> (raw)
In-Reply-To: <BAY102-F1641FB10F962FBD8A6F79EAE580@phx.gbl> (from +nfcan+jimlaur+957286d880.props666999#hotmail.com@spamgourmet.com on Sat, Nov 12, 2005 at 18:27:32 -0500)

On 2005.11.12 18:27, P theodorou - props666999@hotmail.com wrote:
> Hello again
> 
> Anybody knows where can i find scripts  with very restricted policies ?
> If someone could suggest some  would be very appreciated

You can not have a more restrictive filter rule set
than the one Rob Sterenborg already gave you.

Your original statement:

>> I wish the windows machine which receives Internet
>> from the firewall pc to be restricted fully
>> apart from the port needed to access the internet.

is ambiguous, because "the internet" is *everything*,
but you did use the singular, "the port".

So I am responding to what I think you
might be trying to accomplish.

My guess is you mean something more like "the web".

I think you mean that you want
to restrict the pc to just "web browsing".

If this guess is correct, then
what you need to understand is that this
is not really a job that a firewall can do.

A firewall can restrict the pc to access
just tcp port 80, but that does not really
restrict what kind of traffic can flow.

My guess is that making the pc use
a proxy web server may do what you want.

For Linux, you could look at squid:

http://www.squid-cache.org/

I hope that helps.

-- 
Jim Laurino
nfcan.x.jimlaur@dfgh.net
Please reply to the list.
Only mail from the listserver reaches this address.

next prev parent reply	other threads:[~2005-11-13  3:13 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-11-12 21:25 dhcp windows client port Gabriel
2005-11-12 23:27 ` P theodorou
2005-11-12 23:51   ` Tom Eastep
2005-11-13  3:13   ` Jim Laurino [this message]
  -- strict thread matches above, loose matches on Subject: below --
2005-11-12 18:45 P theodorou
2005-11-12 19:36 ` dhcp windows client port (nfcan: addressed to exclusive sender for this address) Jim Laurino

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20051113031335.GC28723@salty \
    --to=nfcan.x.jimlaur@dfgh.net \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox