Re: restrict network access

>> Squid actually Proxy will do the trick....
> 
> Nope. Not if they are installed on those PCs.
> 
> 
> Just block outgoing connections to all webservers but those that are
> allowed.
> 
> iptables -A OUTPUT -p tcp --dport 80 -d allowedip -j ACCEPT
> iptables -A OUTPUT -p tcp --dport 80 -d centosmirror -j ACCEPT
> iptables -A OUTPUT -p tcp --dport 80 -j DROP   # or -j REJECT
> 
> Or to be more complete:
> 
> iptables -P OUTPUT DROP   # -P accepts only ACCEPT or DROP; for REJECT, end the chain with a -j REJECT rule
> iptables -A OUTPUT -d localnet -j ACCEPT
> iptables -A OUTPUT -p tcp --dport 80 -d centosmirror -j ACCEPT
> iptables -A OUTPUT -p tcp --dport 80 -d allowedip -j ACCEPT
> and so on.

I found out that there is a proxy in our network and I can use a private
network address. I configured yum to use the proxy and everything is
working fine for the moment. But maybe this solution will not be
flexible enough in the future; then I am going to check your suggestions
and will try to get deeper into the iptables configuration.
Can anybody tell me what IP or domain I would have to allow to get
access to the CentOS mirrors with yum for getting updates properly?
TIA!

-Arne
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
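
The outbound allowlist quoted above, as an added example that is not part of the original thread: a shell function that prints the rules for review instead of applying them. The function name `egress_rules`, the loopback and established-connection rules, and the sample addresses (documentation ranges, constructed) are assumptions added here.

```shell
#!/bin/sh
# egress_rules ACTION LOCALNET ALLOWED_IP...
# Prints (does not run) iptables commands for an OUTPUT allowlist on port 80.
# ACTION is DROP or REJECT and decides how non-allowed traffic is refused.
egress_rules() {
    [ $# -ge 2 ] || { echo "usage: egress_rules DROP|REJECT LOCALNET [IP...]" >&2; return 2; }
    action=$1
    localnet=$2
    shift 2
    case $action in
        DROP|REJECT) ;;
        *) echo "action must be DROP or REJECT" >&2; return 2 ;;
    esac
    # Coarse check: digits, dots and '/' only. iptables resolves a hostname
    # given to -d once, when the rule is added, so a mirror name whose address
    # changes later would silently stop matching. Require literal addresses.
    for d in "$localnet" "$@"; do
        case $d in
            ''|*[!0-9./]*) echo "refusing '$d': use an IPv4 address or CIDR" >&2; return 1 ;;
        esac
    done
    # Keep loopback and already-established sessions working (assumption:
    # not in the quoted rules, but needed once the default becomes DROP).
    echo "iptables -A OUTPUT -o lo -j ACCEPT"
    echo "iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A OUTPUT -d $localnet -j ACCEPT"
    for d in "$@"; do
        echo "iptables -A OUTPUT -p tcp --dport 80 -d $d -j ACCEPT"
    done
    # A chain policy can only be ACCEPT or DROP, so REJECT is expressed as a
    # final catch-all rule; the DROP policy stays as the backstop.
    if [ "$action" = REJECT ]; then
        echo "iptables -A OUTPUT -j REJECT"
    fi
    # Policy goes last so the ACCEPT rules exist before the default flips.
    echo "iptables -P OUTPUT DROP"
}

# Constructed sample values (RFC 5737 documentation ranges).
egress_rules REJECT 192.0.2.0/24 198.51.100.10
```

If the resolver or the proxy is outside `LOCALNET`, it needs its own ACCEPT rule before the policy is changed.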
