[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

Re: IPCHAINS Implementation

To: Ambar Roy <ambarroy@xxxxxxxxx>
Subject: Re: IPCHAINS Implementation
From: George Joseph T <shibu@xxxxxxx>
Date: Mon, 22 Jan 2001 14:34:11 +0530 (IST)
Cc: linux-delhi@xxxxxxxxxxxxxxxxxxxxx
In-reply-to: <00e201c0844a$9dc19610$8900000a@aclindia.com>

Dear Amber,

Thanks for the info.

One more query.  In squid.conf file which parameter is used to block
unwanted sites.  Do we need to create seperate ACL's (Access Control List)
for each site ??  Please put some light on this and if possible give some
examples too.

With regards

George Joseph T
----------------------------------------------------------------------
On Mon, 22 Jan 2001, Ambar Roy wrote:

> also note that in case you just wan't to block web access, then it is better
> to set up transparent proxying with squid, and then letting squid do the
> filtering. With squid you can set up simple rules for access blocking, with
> ipchains, it is really difficult to block anything effectively. ipchains is
> better suited for protecting your internal network, and disallowing access
> to ppl from the internal network. Lets say you wan't to block all yahoo
> sites. With squid, you just set up a rule for destination domain yahoo.com,
> and then block it. with ipchains, you will surely go mad (yahoo seems to
> have hundreds of ip addresses!!!!) My experience has been real good with
> squid. (especially for things like banner ads, which choke up my net
> connections, squid works real nice.. just disable doubleclick.net,
> imgis.com, flycast.com, ads.*, ad.*, /banner/*, /adserve* and you will see
> that all the users are really happy...)
> 
> Bye,
>     /\ |\/| |3 /\ r
> > The best option to achieve this without any major configuration changes is
> > the implementation of ipchains.
> >
> > I have a very simple but good article on ipchains attached with this mail.
> > Which will be enough for you to configure what you require.
> > > Dear All,
> > >
> > > We are using LINUX server for last 7 months and with greate
> > > results in Deepalaya. The process of communication and
> > > documentation has become very effective for all Deepalaya
> > > units all over Delhi. Now we are facing a problem. We have
> > > to set up firewall at the minimum level. Like we want to
> > > block some sites. Can anyone tell us how to do it. Please
> > > tell us the easyest way so that we...with our moderate
> > > knowledge on Linux can do it. We know that firewall can be
> > > established at various levels. But we want to only block
> > > some sites.
> 
> 
> 
> ------------------------------------------------
> The mailing list archives are available at
> http://lists.linux-india.org/cgi-bin/wilma/linux-delhi
>

References:
- Re: IPCHAINS Implementation
  - From: Ambar Roy

Prev by Subject: Re: IPCHAINS Implementation
Next by Subject: Re: IPCHAINS Implementation
Previous by thread: Re: IPCHAINS Implementation
Next by thread: Re: IPCHAINS Implementation
Index(es):
- Subject
- Thread