Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: Ernesto Lorenz on January 23, 2003, 01:43:31 AM

Title: Banning workstation from gateway access
Post by: Ernesto Lorenz on January 23, 2003, 01:43:31 AM

I need to block some LAN workstation from gateway access to the internet and  can't do any changes to the Win98 OS locally. Is it possible to create ipchains rule to block trafic comming from a particular IP address in the local net?

Title: Re: Banning workstation from gateway access
Post by: Cyrus Bharda on January 23, 2003, 03:28:15 AM

On 5.5 u2 I use a proxy pass module to stop unauthorised access to the internet,

http://www.e-smith.dyndns.org/

Cyrus Bharda

Title: Re: Banning workstation from gateway access
Post by: Ernesto Lorenz on January 23, 2003, 04:34:16 AM

Cyrus Bharda wrote:
>
> On 5.5 u2 I use a proxy pass module to stop unauthorised
> access to the internet,
>
> http://www.e-smith.dyndns.org/
>
> Cyrus Bharda
Thanks for your prompt response Cyrus,
I'll check it out.

Title: Re: Banning workstation from gateway access
Post by: Cyrus Bharda on January 23, 2003, 04:48:21 AM

Just a warning, the "IP's/Domains without password" means ip's or domains that users can load without needing a password, I have a mod to add on a IP from address, not made by me though.

Makes it easier to assign a few people who absolutly have to have access to the internet static IP's and then add thier IP in there and then bingo, no one has access except those few machines, thats the way i have it setup here at work, also I have set my username to have access, just incase I want access to the internet when i am at someone else's workstation.

Works like a charm, also people cannot get around it by not specifing or changing the proxy in the internet settings, then they just get standard unable to browse internet error displayed.

Also affects ftp connections to, that with a deny port rpm and no user can ftp/http or use p2p progs  :-)

Cyrus Bharda