[K12OSN] Allow only HTTP requests
bthomas at psysolutions.com
Tue Dec 13 15:14:10 UTC 2005
Thanks for the help everyone.
One last question is how can I remove the VNC Viewer from the Menu for
the users, as well as removing other items from users?
Thanks again everyone.
Mike Ely wrote:
> Sudev Barar wrote:
>> On 12/13/05, Brad Thomas <bthomas at psysolutions.com> wrote:
>>> Is there a setting that I can make to only allow HTTP requests on ETH1
>>> and block any other type of requests?
>> Easy way:
>> If you are using stock k12ltsp as root from a terminal give command
>> "setup" Choose menu firewall>customize Set eth1 as non trusted device
>> (default) and then set allow http Save before quitting. The command
>> "service iptables restart" should do the trick. Caution assuming eth0
>> is ltsp network device always set this as trusted device other wise
>> ltsp network will also come to halt.
>> Simpler way:
>> "man iptables" and edit /etc/sysconfig/iptables suitably and restart
>> In both cases take backup of /etc/sysconfig/iptables before
>> attampting. This way you can alsways copy back and come back to status
> Also, be very sure you aren't doing this from SSH, or if you are, be
> sure you allow inbound SSH (port 22) BEFORE anything else! I've made
> the mistake twice now (in the course of about five years) of doing
> "iptables -P INPUT DROP" before first doimg "iptables -I INPUT -p tcp
> --dport 22 -j ACCEPT" - once the computer was right next to me, but
> the other time required driving to another location to get at the
> physical console.
> Funny, yes, but only in retrospect.
> K12OSN mailing list
> K12OSN at redhat.com
> For more info see <http://www.k12os.org>
More information about the K12OSN