[K12OSN] Block all services: except http

Michael Blinn mblinn at peopleplaces.org
Mon Oct 1 12:13:22 UTC 2007 

Yes, you do this with iptables. My firewall scripts are in 
/etc/sysconfig/iptables - you'll probably want to work off the template 
there. IE, default to ACCEPT, then allow everything already started (-m 
state --state ESTABLISHED,RELATED -j ACCEPT) then allow in port 80  (-m 
state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT) and then drop 
everything else at the end (-j REJECT --reject-with icmp-host-prohibited)
-Michael

Marco Neves wrote:
> Hi all,
>  
> We have a k12ltsp server (version 6.0 ) in our school, with 10 
> terminals. The terminals are used to produce some openoffice documents 
> and in the majority to surf in the internet. The problem is that the 
> students access the windows shares and another shares in the windows 
> machines (we have passwords in the shares :-) ). How can i block the 
> access to all services except "web access". It can be done with 
> iptables? Our there is another simply way to do it?
>  
> The server as two nic´s: one for the network for the terminals (eth0), 
> and another receiving dynamic ip (eth1: this is the nic that gives 
> accesso to the web) from a windows server.
>  
>  
> Thanks in advanced.
>  
> ------------------------------------------------------------------------
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>

-- 
 

CONFIDENTIALITY NOTICE:
This message, and any attachments that may accompany it, contain information that is intended for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential, or otherwise exempt from disclosure under applicable law. If the recipient of this message is not the intended recipient, any disclosure, copying, or other use of this communication or any of the information, which it contains is unauthorized and prohibited.  If you have received this message in error, please notify the original sender by return mail and delete this message, along with any attachments, from your computer. Thank you.  

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/k12osn/attachments/20071001/fa1babc2/attachment.htm>

More information about the K12OSN mailing list