[K12OSN] Block internet access on thinclient side

Brian Chivers brian at portsmouth-college.ac.uk
Mon Mar 31 11:09:48 UTC 2008

I'd like to block all access to the outside network / internet from our thinclients unless they go 
via the our proxy server. I have installed a global extension for firefox that has setup it up how I 
want with proxy's and bookmarks etc for all users but if you change the connection setting to 
"direct" you go straight out bypassing everything.

I could setup our main firewall to block the thinclient server completely but it is very useful to 
have full connectivity on it for things like freenx and updates.

Is it possible to setup the iptables on the k12ltsp box itself to drop or redirect all connects from 
the thinclient side and only allow the important ones for things like the initial booting ?

I've never played with iptables before any useful pointers would be gratefully received.

Brian Chivers
Portsmouth College

    The views expressed here are my own and not necessarily
                the views of Portsmouth College    

More information about the K12OSN mailing list