Salam All,
Could any one tell me how can I stop downloading over my network, my Redhat machine is acting as a Router.
Regards
Badar
Downloading Issue
hrm, pls be more specific as to what you are trying to prevent.
Also, what are you trying to allow?
If you want people to be able to surf the web from behind your router but not to download files you have bigger problems. If you can surf the web, through a router, you can download files through it too, at least with http protocol. So if that's what you're trying to prevent you won't be able to do it at the router.
If you are trying to block specific sites you can set up an access list, but that's a whole other topic.
Cheers
Also, what are you trying to allow?
If you want people to be able to surf the web from behind your router but not to download files you have bigger problems. If you can surf the web, through a router, you can download files through it too, at least with http protocol. So if that's what you're trying to prevent you won't be able to do it at the router.
If you are trying to block specific sites you can set up an access list, but that's a whole other topic.
Cheers
Syed Aoun Raza. M.Sc.(IT)
--------------------------------------
Experience is a hard teacher she gives the test first and lesson afterwords.
--------------------------------------
Experience is a hard teacher she gives the test first and lesson afterwords.
Let me give you an example to do the task in IPtables
if you just to block a certain software usage then block the packets coming to the port used by SW.
Like I want to block a specific web site
# host windowsupdate.microsoft.com
windowsupdate.microsoft.com is an alias for
windowsupdate.microsoft.nsatc.net.
windowsupdate.microsoft.nsatc.net has address 207.46.249.56
windowsupdate.microsoft.nsatc.net has address 207.46.249.57
iptables -I OUTPUT -p tcp -d 207.46.249.56 -j DROP
iptables -I OUTPUT -p tcp -d 207.46.249.57 -j DROP
now you see what you want:)
if you just to block a certain software usage then block the packets coming to the port used by SW.
Like I want to block a specific web site
# host windowsupdate.microsoft.com
windowsupdate.microsoft.com is an alias for
windowsupdate.microsoft.nsatc.net.
windowsupdate.microsoft.nsatc.net has address 207.46.249.56
windowsupdate.microsoft.nsatc.net has address 207.46.249.57
iptables -I OUTPUT -p tcp -d 207.46.249.56 -j DROP
iptables -I OUTPUT -p tcp -d 207.46.249.57 -j DROP
now you see what you want:)
Syed Aoun Raza. M.Sc.(IT)
--------------------------------------
Experience is a hard teacher she gives the test first and lesson afterwords.
--------------------------------------
Experience is a hard teacher she gives the test first and lesson afterwords.
-
zaeemarshad
- Lieutenant Colonel
- Posts: 660
- Joined: Sat Jul 06, 2002 12:35 pm
- Location: Islamabad
- Contact:
You can do two things. If you are using squid, then you can use ACL to deny access to these domains. At a cablenet i configured users were quick to figure out these things and could understand that i blocked the urls. SO what i did was that i edited my /etc/hosts and entered 0.0.0.0 for each website i wanted to block. Worked gr8 for me. I redirected a few domains to internal webservers. 
Regards
Zaeem
Regards
Zaeem