Topic: Access Configuration

[mheymann]

Is is possible to give a user access to the mail server but not the Web server (ie. can not browse the web)

I was looking at the some of the firewall settings from the firewall how-to configuration page
'http://wiki.contribs.org/Firewall' and thought that the Allow/Deny hosts commands
might be able to do what I need.

I am thinking that I can deny a range of specified internal IP address access to the HTTP server

[janet]

mheymann

Allow/Deny hosts commands might be able to do what I need.

That's really for controlling external traffic trying to acccess your web server.

Look at
http://wiki.contribs.org/Dansguardian

...I can deny a range of specified internal IP address access to the HTTP server

All the configuration you require is in the config files, so install it and read them.

Depending on which way you want to set it up, (ie ban all allow some, or allow all ban some), look at
http://wiki.contribs.org/Dansguardian/ConfigFiles
for
bannediplist
IP addresses of client machines to disallow web access to. Only put IP addresses here, not host names.

and
exceptioniplist
This contains a list of client IPs who you want to bypass the filtering. For example, the network administrator's computer's IP.

[mheymann]

Thank you for your feedback.  It is quite helpful
I have been considering implementing Dansguardian on our SME server
for some time now and just have not had the chance to do it.
This new issue will push the need to get this option tested and setup.