Hi Mogens, > Using iptables, I can of cause deny access to cirtain IP addresses or > websites, however, I'd like to make sure clients do not just get a > timeout, not found or something alike. > AFICS, it'll be difficult to set some errorresponce a browser can > understand, allowing it to display a meaningful errorresponce. Use a DNAT rule to redirect them to a local web server, or a Squid proxy which is configured to deny all requests. Then you can configure these to serve up a suitable error page which you can design yourself. Cheers, Chris. -- ___ __ _ / __// / ,__(_)_ | Chris Wilson -- UNIX Firewall Lead Developer | / (_ / ,\/ _/ /_ \ | NetServers.co.uk http://www.netservers.co.uk | \ _//_/_/_//_/___/ | 21 Signet Court, Cambridge, UK. 01223 576516 |
