Date: Wed, 27 Mar 2002 06:27:45 -0500 From: Lord Raiden <raiden23@netzero.net> To: Gabriel =?iso-8859-1?Q?Le=F2n?= Leyva <gleon@socoada.com.mx>, questions@FreeBSD.org Subject: Re: block certain ips Message-ID: <4.2.0.58.20020327062142.009612a0@pop.netzero.net> In-Reply-To: <5.0.1.4.0.20020326180625.02dbd398@oficinas.socoada.com.mx>
index | next in thread | previous in thread | raw e-mail
At 06:10 PM 3/26/02 -0700, Gabriel Leòn Leyva wrote:
> Is there a way to block certain on bsd, I have several pcs with
> 10.10.10.? ips
>I want them to be able to user microsoft messenger but for some of these
>ips I dont want
>them to access internet... Could this be posible.. Thanks in advance..
Yes, this is easy. But it depends. Are you referring to doing
this on each machine or via a firewall? I'd say it would be easier if it's
going through a firewall or a proxy because then you have less work and it
will be easier to actually block this and keep track of it at the same
time. IF your internet access is routed through a firewall, just setup
either a proxy so that only aproved IP's have net access, or in IPFW just
setup some rules that says something to the respect of "allow out for this
and this, but not for these if this and this are true, and block the rest
and only apply to these IP's." Also, don't forget to log this so you can
see who's still trying to break the rules. :)
As far as how to setup these rules, I'm probubly the last to ask
on that because I'm definately no expert on IPFW, but I know it can be done
cause I've done it. :)
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.2.0.58.20020327062142.009612a0>