Re: Blocking access except through proxy

From: Awais Riaz <awais@dont-contact.us>
Date: Wed, 24 Nov 1999 16:56:12 +0500

ipchains -A forward -p TCP -d proxy ip/32 80 -j ACCEPT

(I guess you may want to accept other ports if you want to do something
apart from browsing)
ipchains -A forward -p TCP -d 0/0 -j DENY

Awais Riaz
SysAdmin
Pakistan Online

Jason Thompson wrote:

> Hi All, I am just wondering if anyone has implimented a system where
> port 80 (ie WWW) is blocked to all clients, so they are forced to use
> the proxy server. Without using any type of transparent proxy? All of
> the clients see the server as the default router as well as the proxy.
> What I want to do is use the standard firewalling code in Linux to
> block access to the WWW directly, so all clients must use the proxy
> server. This is for 2 reasons, one we have passwords on Internet
> access so we can log pages to a specific username, and secondly
> because the server is in an educational establishment our isp offers a
> 'protected' Internet service, but only if you go through thier proxy.
> Which is why we do not want ot allow direct access. I appriciate that
> this list is for squid, but I was wondering if anyone could help me
> with configuring the routing so I can achieve the above. The system is
> Redhat 6.0 Thanks in advance Jason ThompsonIT TechnicianAllerton
> Grange High School
Received on Wed Nov 24 1999 - 04:53:32 MST

This archive was generated by hypermail pre-2.1.9 : Wed Apr 09 2008 - 11:57:32 MDT