It is better to add the acls on the squid than on the firewall. Proxy servers will give good performance compared to the firewalls in acls.
Regards
Dharmu
On Wed, 2003-05-07 at 17:35, Walter Priesnitz Filho wrote:
Hi,
I have this environment, a subnetwork (192.168.0.0) that access another
subnetwork (192.168.59.0) and then access the internet. The second lan has a
proxy server (squid:3128).
I need to block the requests in th first lan to the squid server to some
sites. How can I do this?
I've tried this
iptables -A FORWARD -p tcp -m multiport --dport 80,443,3128 -d
www.someplace.com -j DROP
but doesn't work.
Can anybody help-me?
Regards,
Walter
--------------------------------------------
Walter Priesnitz Filho - UIN 121745902
http://camva.ucs.br/~walterp/
Linux user 268789 - http://counter.li.org/
--------------------------------------------
