Fedora Networking :: Blocking Subdirectories, NOT A Whole Domain/IP?
Aug 8, 2009
So, let's say there was a website www.qwerty.com, which is completely appropriate if not necessary except for the asdfg subfolder (www.qwerty.com/asdfg), which contains,say, pornographic material I want blocked. Is there any way to block "asdfg" without blocking the entire domain (www.qwerty.com)? I already tried editing my hosts file, but apparently that only works for whole domains.Also, while we're at it, can the hosts file be used to actually block IP addresses, or just domain names (so if I wanted qwerty.com with IP of 128.127.126.125 to be completely blocked, but know my family or employees are little smarter than that, I could add the line "0.0.0.0 128.127.126.125" to prevent all access to that website)?
At the school i work in i have a server2k3 server that provides a domain to all the windows clients, aswell as a fedora server that acts as an imaging machine and webserver.
Im rather concious of the fact that if for any reason the Server2k3 server was to die there is no backup of active directory, or anything that can take its place whilst a replacement is found.
So is it possible to use a fedora machine with samba as a secondary domain controller? so it can be used as a login server, and has a copy of AD.
I have a lifttime premium account at Megaupload.com. Recently I found that megaupload has blocked all IPs in my area. I have sent emails to their tech but nothing has returned!!I have tried to use proxies to download stuff from megaupload, however, none of them works for suspected bandwidth reason, not to mention that it might be slow too.
I have a VPS which is running HTTPD, and its getting blown to bits by a DOS Attack. Turns out mod_evasive is totally useless (due to not running a total - rather counting per child process) and the only way to stop the box from running at 100% on all cores is to term HTTPD. So, what rules can I implement on the iptables firewall to block multiple requests from an IP? I saw this: [URL] Where someone has posted some rules but these dont work ("unknown error 4294967295" on the 3rd line). This is what i'm after though - block multiple requests from a single IP for a certain period of time.
I've been doing some file-sharing with Ubuntu. And I've noticed that the files only in the immediate directory is shared, the rest of the folders are shown in other PCs but access is denied. How can I share all the subdirectories in a folder without having to them manually?
I have a device that is working on modbus protocol andI have written a small program(with block TCP read method ) to read its registers via modbus protocol.my program is working very well but except those times that I unplug the Ethernet cable or turning off the modbus gateway during programs work.at this time my program stops on recv system call (if it reach this system call exacly when I unplug Ethernet cable or turning off the modbus gateway during programs work).I changed my source to work in nonblock TCP method, at this time with the same situation my program does not stop/block on recv system call but after pluging back the Ethernet cable or resuming the connectivity situation back it reads data incorrectly .this is my code:Quote:
My ip address is not resolving to the domain name. I have checked etc/host reboot and all but it's not working. I can't seem to find where to post my issue then I found you and you are on line
If you are running a home server/website, and want a domain name, currently you can use dyndns and others etc. to get a free one and use that so people can find you by name. So my question is, can it be done on your home server without having to use eg dyndns or others.
I've got a home server running Ubuntu Server 9.04 and several machines running Ubuntu Desktop (9.04 and 8.04) and Windows (XP, Vista and 7). Now what I want to do is to create a domain and directory server similar in function to Windows Server w/ AD and join my other machines to the domain, but am not sure where to start. I already have file shares with Samba but now I want to setup a domain.
I was using my ISP's DNS server. When I would ping something that doesn't exist, e.g. blahtest.com, it would reply anyway. When I tried to go to the site in a browser, it was some page like "I hope we can help you find what you're looking for". I thought that was ridiculous, so I changed to OpenDNS's DNS server.
I have a question which it believe it is quite simple but I have no clue how to do it... I'm using Fedora 12 and I'm the only Linux machine in my office's LAN... I have Apache (httpd) setup and my co-workers can access the sites perfectly by using my IP address, for example [URL]... So here's the question, how do I setup a domain name so everyone in the LAN can access the sites by typing [URL]..
I am not sure if this is a problem with my router or a problem with the fedora 12 server i am using.
- internal here means within my home network, external means from outside it.
I can access my server and webpage:
internally using http://192.168.0.192 externally using http://MYDNS___EXAMPLE.com
but I cannot access the server internally using http://MYDNS___EXAMPLE.com
This is a pain in the butt because I have all of my client software setup with an internal and external access point (ssh, proFTPd, http, MS Access database connected to MySql, etc.)
I want to use single label host names on my local LAN, without using any domain (at least no registered one). My machines should be named in a fashion similar to 'myserver', 'mydesktop' etc. so that i from a browser on any LAN machine may write 'http://myserver', and get the webserver on 'myserver' (so NO domain part, e.g. myserver.domain).
Do i need to create a DNS zone for each host or is there a way to put all host in a single zone, if so; which? Would such a name be considered a root domain?
is it possible to join a Fedora box to a Windows Domain. Will the box be automatically added in DNS?How do I configure Fedora afterwards so I can login with a domain user on the box?
I have an issue with sendmail. I need to configure sendmail to send email from command prompt to any domain. This is just for the notification purpose. I installed sendmail and sendmail-cf and sm-client. The following are the configuration I have done.
I have a Debian server running at the gateway level on a LAN. This runs squid for creating block lists of websites - for eg. blocking social networking on the LAN. Also uses iptables.
I am able to do a lot of things with squid & iptables, but a few things seem difficult to achieve.
1) If I block http://www.facebook.com, people can still access https://www.facebook.com because squid doesn't go through https traffic by default. However, if the users set the gateway IP address as proxy on their web browser, then https is also blocked. So I can do one thing - using iptables drop all outgoing 443 traffic, so that people are forced to set proxy on their browser in order to browse any HTTPS traffic. However, is there a better solution for this.
2) As the number of blocked urls increase in squid, I am planning to integrate squidguard. However, the good squidguard lists are not free for commercial use. Anyone knows of a good squidguard list which is free.
3) Block yahoo messenger, gtalk etc. There are so many ports on which these Instant Messenger softwares work. You need to drop lots of outgoing ports in iptables. However, new ports get added, so you have to keep adding them. And even if your list of ports is current, people can still use the web version of gtalk etc.
4) Blocking P2P. Haven't been able to figure out how to do this till now.
I need to block some of my sites with SQUID Proxy. I added following lines to my SQUID configuration file but still the site remains unblocked.How to block it?
I'm trying to configure bind9 to block porn by having it pretend to be authoritative for a list of porn domains. It can then return a "fake" IP for the port sites, which points to a page on my server. So far, the only way I have found to do in this in bind requires a separate zone for each porn domain. This doesn't work because of memory problems - I have 1000's of porn domains to block.
I'd like to instead have bind forward queries to rbldnsd, which can take a list of domains in a "data set" file, and use it to return a single A record (pointing to my "access denied" page). However, I think this will not work because I would still need a separate "zone" for each porn domain name.
I have an ubuntu 8.04 dedicated server running openssh which I am having problems with.
The server is based in England yet I am currently working from Thailand. Slow speeds and timeouts I am used to but it is now over 24hr since I have managed to SSH the server (from here).
I just tried remote desktop on my PC back in the UK and this connected straight away through both SSH and SCP.
Thinking that it may be the IP being blocked from my works network I switched off wifi on my phone and tried to connect over the data network a few times with no luck.
Another strange problem is that when we got the server it was locked into a chroot jail which SSH(22) always leads into. After accessing SSH on port 22 I have to run a break script to gain root access. The sshd_config file says that the server is listening on port 57 yet I have never been able to access this.
I need to block some of my sites with SQUID Proxy. I added following lines to my SQUID configuration file but still the site remains unblocked.How to block it?acl blocksites url_regex yahoohttp_access deny blocksitesI have also tried saving some url & filter content in a file and edited configuration as follows,acl blocksites url_regex "/etc/squid/squid-block.acl"http_access deny blocksitesThe squid-block.acl file contents are.cricinfo.commp3
