[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

Re: IPCHAINS Implementation

Dear Ambar,


Our consultant Mr. Atanu Mandal is also of the same opinion
that SQUID can do a better job in blocking sites. He has
also developed a software with graphical interface to deal
with both SQUID and IPCHAINS. But right now we do not have
money to pay him ...ha..ha..Tai nijerai kichu karar chesta
korchi (We are trying to do something on our own). Can you
please tell us intial few (2-3) steps for accessing SQUID
and setting up the rules.

Thanks again.


On Mon, 22 Jan 2001, Ambar Roy wrote:
> also note that in case you just wan't to block web access, then it is better
> to set up transparent proxying with squid, and then letting squid do the
> filtering. With squid you can set up simple rules for access blocking, with
> ipchains, it is really difficult to block anything effectively. ipchains is
> better suited for protecting your internal network, and disallowing access
> to ppl from the internal network. Lets say you wan't to block all yahoo
> sites. With squid, you just set up a rule for destination domain yahoo.com,
> and then block it. with ipchains, you will surely go mad (yahoo seems to
> have hundreds of ip addresses!!!!) My experience has been real good with
> squid. (especially for things like banner ads, which choke up my net
> connections, squid works real nice.. just disable doubleclick.net,
> imgis.com, flycast.com, ads.*, ad.*, /banner/*, /adserve* and you will see
> that all the users are really happy...)
> Bye,
>     /\ |\/| |3 /\ r
> > The best option to achieve this without any major configuration changes is
> > the implementation of ipchains.
> >
> > I have a very simple but good article on ipchains attached with this mail.
> > Which will be enough for you to configure what you require.
> > > Dear All,
> > >
> > > We are using LINUX server for last 7 months and with greate
> > > results in Deepalaya. The process of communication and
> > > documentation has become very effective for all Deepalaya
> > > units all over Delhi. Now we are facing a problem. We have
> > > to set up firewall at the minimum level. Like we want to
> > > block some sites. Can anyone tell us how to do it. Please
> > > tell us the easyest way so that we...with our moderate
> > > knowledge on Linux can do it. We know that firewall can be
> > > established at various levels. But we want to only block
> > > some sites.
> ------------------------------------------------
> The mailing list archives are available at
> http://lists.linux-india.org/cgi-bin/wilma/linux-delhi
Deepalaya is the largest operational Non Profit organisation
in Delhi working for over 35000 children and their families.
Visit us at http://www.deepalaya.org
Sponsor A Deepalaya Child 
Join Deepalaya Discussion Board to raise compelling social 
issues http://www.deepalaya.org/deepboard.html
Send Free E Greetings from