[squid-users] Squid bypassing my firewall rules

From: Brian Schonecker <brian.schonecker@dont-contact.us>
Date: Thu, 14 Feb 2002 09:07:35 -0500

Hello.

I have my Internet gateway, firewall and squid cache all on the same
machine.

I'm trying to block all access to SPINNER.COM and have been successful
UNLESS the users type in the proxy in the spinner (real player) player.
Then squid bypasses my ipchains firewall rules and allows access. I've
confirmed this for WWW and the Real Player.

If I disable proxy settings in my browser and Real Player, then the firewall
prevents access to SPINNER.COM successfully.

My squid proxy is listening on a single physical NIC interface but I have
two IP addresses: eth0 192.168.1.45 and eth0:0 192.168.1.44. I have a
single external interface eth1: 192.168.2.45.

Here's a sample of my ipchains rules that work

# Deny all traffic for SPINNER.COM - a music site
$IPCHAINS -A input -s $REMOTENET -d 205.188.228.1/24 -j DENY -l
$IPCHAINS -A input -s $REMOTENET -d spinner.com -j DENY -l
$IPCHAINS -A input -s 192.168.1.44 -d 205.188.228.1/24 -j DENY -l

HELP!
Received on Thu Feb 14 2002 - 07:07:38 MST
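
Added example (not part of the original post): a simplified Python model of ipchains chain traversal, run against the posted rules. It shows why a request sent to a proxy on the firewall host never matches the `input` rules. `REMOTENET`, the client and site addresses, Squid's outbound source address and the extra `output` rule are assumptions, not values from the post.

```python
from ipaddress import ip_address, ip_network

# Assumption: $REMOTENET is the internal LAN; the post does not give its value.
REMOTENET = "192.168.1.0/24"
SPINNER = "205.188.228.1/24"   # destination range from the posted rules

# (chain, source, destination, target), mirroring the posted ipchains rules.
# The hostname rule is left out: ipchains resolves it to addresses at load time.
POSTED_RULES = [
    ("input", REMOTENET, SPINNER, "DENY"),
    ("input", "192.168.1.44/32", SPINNER, "DENY"),
]
# Hypothetical extra rule (not in the post): filter what the box itself sends.
OUTPUT_RULE = ("output", "0.0.0.0/0", SPINNER, "DENY")

LOCAL = {"192.168.1.45", "192.168.1.44", "192.168.2.45"}  # addresses from the post
CLIENT = "192.168.1.100"   # constructed LAN client
SITE = "205.188.228.10"    # constructed address inside the blocked range


def chains_for(src, local_addrs):
    """Simplified model: locally generated packets traverse only 'output';
    packets arriving on an interface are checked on 'input'."""
    return ["output"] if src in local_addrs else ["input"]


def verdict(rules, src, dst, local_addrs):
    """Return the target of the first matching rule, or 'ACCEPT'."""
    for chain in chains_for(src, local_addrs):
        for r_chain, r_src, r_dst, target in rules:
            if (r_chain == chain
                    and ip_address(src) in ip_network(r_src, strict=False)
                    and ip_address(dst) in ip_network(r_dst, strict=False)):
                return target
    return "ACCEPT"


def scenarios(rules):
    """Evaluate the three packet flows described in the post."""
    return {
        # Client talks to the site directly through the gateway.
        "direct": verdict(rules, CLIENT, SITE, LOCAL),
        # Client talks to the proxy: destination is the firewall host itself.
        "client_to_proxy": verdict(rules, CLIENT, "192.168.1.45", LOCAL),
        # Squid fetches the page (assumed to source from the external address).
        "proxy_to_site": verdict(rules, "192.168.2.45", SITE, LOCAL),
    }


if __name__ == "__main__":
    print("posted rules:    ", scenarios(POSTED_RULES))
    print("with output rule:", scenarios(POSTED_RULES + [OUTPUT_RULE]))
```

The same block can also be enforced in Squid itself with a `dstdomain` ACL and an `http_access deny` line, which covers requests by name rather than by address.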
