Re: [LI] Selective network access

[Sushanth Sowmyan <sush@xxxxxxx>]

I don't know how to do this in NT, so check with ur sysadm.

In our college, we have 2 m/c, one with squid[cache proxy server] and
the other is our gateway. The gateway has a firewall that blocks packets
from m/c in to out unless its from the m/c with squid. This should be
configurable under NT.

Squid is extremely customizable and can be configured to shut out or
allow stuff based on:
a>Protocols
b>Files
c>IP Addr.
d>Domain names. , etc.
Check out squid.conf for details. Also see squid.nlanr.net
Set that as your cache proxy in your browser. Configure squid to block
all outside sites and you are done.

Note: The firewall is enough to see that all external sites are blocked
and internal sites are on, but you may want to offer selective access.
Hence the squid roundabout. 

Other solutions possibly exist, but this is dimilar to the one we use. 
HTH
Ciao
-sush

--------pankaj mathur wrote-------------
>I am writing an application for our office LAN in JAVA but presently not 
>everyone in the offce has been given access to internet and hence don't have 
>browsers installed on their machines otherwise access is open i.e no 
>password required for logging into the server(my Sys Ad has some crazy ideas 
>that by not installing browsers is the most efficient way of blocking 
>internet access), so the only bottleneck in implementing my application is 
>if I can suggest some ways of restricting outside access to internet for the 
>client machine and at the same time client machine should be able to use 
>browser to point to a web page hosted on a local machine and run my 
>application.
>We are using NT 4.0 Server, the outcome of my entire effort depends upon the 
>feasibility of such selective access.

--------------------------------------------------------------------
The Linux India Mailing List Archives are now available.  Please search
the archive at http://lists.linux-india.org/ before posting your question
to avoid repetition and save bandwidth.