LARTC - Jan 2006 - Allowing certain IP to browse

Hi all,
Need your input of the following:
I have a linux box(firewall)
-I want to restric some users not to browse but send emails only
Example: 192.168.x.2 up to 192.168.X.45 to send emails and browse, while
the rest(192.168.X.46 to 192.168.X.254) to send emails only. How do I do
that?
 thanx
Andy

howdy,

iptables will help u here for starters

/sbin/iptables -A FORWARD -s 192.168.x.2/32 -p tcp --dport 80 -j ACCEPT
/sbin/iptables -A FORWARD -s 192.168.x.2/32 -p tcp --dport 25 -j ACCEPT
/sbin/iptables -A FORWARD -s 192.168.x.2/32 -j DROP

similiar setup for the rest, this is not very clean though, might want 
to create subnets for each network and put them in seperate network 
cards in your linux box to physicly segment the networks, then you have 
control

Lata

J

andrew.goodluck@intafrica.com wrote:
> Hi all,
> Need your input of the following:
> I have a linux box(firewall)
> -I want to restric some users not to browse but send emails only
> Example: 192.168.x.2 up to 192.168.X.45 to send emails and browse, while
> the rest(192.168.X.46 to 192.168.X.254) to send emails only. How do I do
> that?
>  thanx
> Andy
> 
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
-- 
/*---------------------------------------------------------------------*/
                         __   _
             ---------- / /  (_)__  __ ____  __  ---------
               ------- / /__/ / _ \/ // /\ \/ / --------
                 ---- /____/_/_//_/\_,_/ /_/\_\ ------
                    localhost@localdomain.za.net