In Iran there is a famous "access denied page" that redirects you to a strange page with a lot of HTML errors and lol, telling you RTFM about ridiculous Internet laws.I want to filter the contents of the page, because the page IP, URL, ... are all unknown.I don't know much about squid configuration scripts.I can read but cannot write
View 1 Replieshow to block PC in Squid using Mac Address. I tried as in /etc/squid/squid. conf
acl block arp 00:13:45:d3: 24:e4
https_access deny block
but it give me error as like: - (This is the output of # squid -k parse) aclParseAclLine: Invalid ACL type 'arp' FATAL: Bungled squid.conf line 1234: acl block arp 00:13:45:d3: 24:e4 squid Cache (Version 2.5.STABLE6) : Terminated abnormally
I'm trying to configure our mail server to block email from a specific sender reaching a specific recipient. In other words, if one of our employees is getting harassed by a 'stalker', how would one go about blocking, at the MTA (Sendmail) level, a specific sender email address from reaching a particular users inbox? We do not want to capture the email - simply block it before it consumes server resources.The Sendmail server (MTA) is a front end to our Exchange server so no user accounts exist on the Linux server. We simply use it as a SPAM and Virus scanner then forward clean email to the Exchange server.
View 6 Replies View Relatedhow to block a specific MAC address
View 2 Replies View RelatedHow to block unwanted sites.
View 1 Replies View RelatedI have recently configured squid proxy server in rhel5 so now I am able to blocking some websites ok, but still I have one problem how can I block gtalk by using squid proxy, one more thing I blocked gmail so now client xp systems are not logging into gmail but still they using gtalk to chatting the things to others. So ultimately I need to block gtalk also by using squid proxy.
View 2 Replies View RelatedI run the openssh daemon on port 22 and have the proftp running on port 21. I would like to block SSH for a specific user.I use proftpd.I would like to prevent the SSH access for this user and leave the FTP working for this user specific.Into /etc/passwd, I tried to change the /bin/bash to /bin/false, but this blocks both SSH and FTP access for this account.
View 3 Replies View RelatedI'm trying the tail -f 172.16.X.XX /var/log/squid/access.log to view the sites requested by the client ip 172.16.X.XX but the result is it still open all the ip's requesting for the internet access. is there any tail commands that can monitor only the specific IP address requesting for internet access.
View 2 Replies View RelatedConsider a situation in which you want to display only specific lines of contents from a file or of a command's output. Yes, we have head and tail commands. But, how to view all the lines of a file except the last one or vise versa when we don't know the count of lines in advance?
Consider this output:
Code:
[root@localhost ~]# ps au | grep bash
root 6316 0.0 0.0 4672 1440 tty1 Ss+ Apr22 0:02 -bash
root 20847 0.2 0.0 4672 1432 pts/0 Ss Apr23 0:12 -bash
root 21167 0.0 0.0 3920 660 pts/0 S+ 01:00 0:00 grep bash
Here, I don't want the last line (in italic) to be included in the result since the last line is due to "grep bash" in the devised command "ps au | grep bash". Well, we can rewrite the devised command:
Quote:
"ps au | grep bash | head -n 2"
But, again, here we are specifying the count of lines to be included. But, in the presented problem we don't know any count in advance!
My network is:
ISP --> SonicWALL--> Proxy --> LAN
Currently Sonicwall is running VPN, DHCP, port forwarding etc.. in a range of 10.0.0.0/24 and I have tried to configure Squid Proxy for content filtering (using squid 3 Transparent mode on Fedora 10 and Iptables). Now I need to implement the proxy over my network without changing the SonicWALL current settings (VPN, Port forwarding and DHCP).
Working in a SW company. guys transfer their codes through email outside the company. mailserver running on postfix. Is there any method to filter mails according to contents of attachment not by file extension.
View 3 Replies View Relatedin my office i have to block all messenger like yahoo messenger, windows live messenger, i have to block websites like www.yahoo.com, some more web sites. i need guidance through which i can accomplish this task through ip tables or through squid server. i can use squid but i had heard that squid blocks pop and smtp also. squid creates some problem in receiving and sending email. i am using red hat linux 4 box and installed squid having two ethernet card 1 is connected to adsl line and 2 is connected to switch. all clients will have proxy address of this linux box. guys need ur help ASAP.
View 2 Replies View RelatedI am using Squid as a proxy server red hat Linux.I want to block some specific web sites like facebook,..... under squid .Please guide me that how can i do it and under which header should i write the script ?
View 14 Replies View RelatedI want to block gtalk in squid, I have tried blocking ports but it didn't help.
View 2 Replies View RelatedI am having problems while testing out squid proxy server. I just can't get it block anything. So, I'm running Debian lenny on my Virtualbox and Squid on it. I'm having windows 7 on virtualbox too and they can ping each other and the webserver on debian (apache2) is working fine. The problem is i can't get squid to block webpages. I have the correct settings on windows proxy settings, but i'm not so sure about squid. I want to block lets say www . xxx. com for example. So I add to the main configuration file:
[Code]...
how to disable the gmail chat? My means to say that when we login to gmail , after that the chat will open, I want to disable that chat. am using Redhat 9 and squid stable 2.5 version. I have tried the things mentioned below, but chat is still working.
[Code]...
Example I have 3 user list and 3 file with block site names
acl group1 src 192.168.0.2 192.168.0.3 192.168.0.4/24
acl group2 src 192.168.0.5 192.168.0.6 192.168.0.7/24
acl group3 src 192.168.0.8 192.168.0.9 192.168.0.10/24
[Code]...
I've moved your post here to its own thread. Please don't resurrect dead threads. --win32sux
Does anybody know how to block HotSpotShield in squid or iptables?
View 2 Replies View RelatedIs it possible to block cyrillic string in squid? If use url_regex - sex it's OK, but when try секс(CYRILLIC alphabet) not working.
View 5 Replies View RelatedI've noticed in my Apache logs a lot of hits to a specific URL on my server. The thing is, the URL is invalid and returns a 404. Every hit has a different Agent ID (things like Windows NT 4 and IE 8, Mac OS and Safari, Windows 7 and Mozilla, etc) and usually a slightly different IP address. If you browse the URL with Chrome/Firefox, it gets reported as potential phishing activity - despite it only returning a 404 error.
I blocked a range of IPs with IPTables which worked for a while, but I can see the IP address has changed again (outside of the range I set) and is generating logs again.
Is it possible to automatically block any IP attempting to access this specific URL?
I've been all around the net and can't find a "simple" answer how to block our LAN users from downloading torrents. Is it really that difficult?
Here's our setup:
1. The Server's Configs:
2. sudo gedit /etc/squid/squid.conf
3. sudo gedit /etc/rc.local (to start Firewall rules on bootup)
4. Server NOT a DHCP Server
5. No other iptables rules are configured, just the above ones.
Before in a 1 NIC setup, I blocked Workstations MAC addresses in the Router + Squid Proxy Server (Not Transparent), it worked, but some Online Java Apps didn't work and users can't send/receive email so I abandoned the method.
Now, I installed transparent Squid Proxy with 2 NIC cards, it works, but workstations can still download torrents! I know Squid doesn't block ports, right? So the answer must lie in Iptables Firewall? I basically use Squid just to deny access to Facebook, Friendster, or other "unproductive sites".
Quote:
How to block torrent downloading by using a Firewall? Or is there another "simple" way?
I've heard that it's better just to allow regular ports (80, 22, 465, etc...) then block all the rest, this way, you can prevent unnecessary ports.
I'm not an Iptables/Firewall expert so can you pls. explain it a bit more detailed if that's the case.
I'm also aware of just telling our users NOT to download torrents, but I just want to prohibit it entirely.
I know I will be the most "uncool" employee in our office.
i had googled a lot n come to know that i need to block dnslookups for these urls httpcs.msg.yahoo.com and webcs.msg.yahoo.com and these should return 127.0.0.1. i havent have DNS configured so tried by making an entry in etc hosts filebut unforunately it didnt worked
View 1 Replies View RelatedI have a problem with sites or domain blocking by squid proxy server in rehl 5. I have trying lots of time but i'm not succed.pls help me how to block sites or domain in rhel 5.
View 3 Replies View RelatedMy Problem is: I want to stop gmail access without blocking https. Yes in my squid proxy normal [URL].. is not accessible. But gmail recently started https service by which user can still get access to gmail. I DONT WANT TO STOP https CAUSE ITS BEING USING BY OTHER PROGRAMS.
View 1 Replies View Relatedi m using centos, i want to block the bit torrent and bit commet like softwares using Squid.
View 1 Replies View Relatedi am using centos 5.4, running squid for proxy, i want to block email sending and receiving of proxy users to secure my data. how is it possible that the proxy user can only brows websites but he can not receive or open and send or save as draft to mail box.
View 1 Replies View RelatedI am using find to search for .tgz files modified more than 7 days ago and delete them.find /directory/ -iname backup*.tgz -daystart -mtime +7 -exec rm -rf {} My problem is that find will go through the content of tarball as well and list all content. I want to only search main tarball and delete it if older than 7 days.
View 4 Replies View RelatedRecently I discovered that we were accidentally running a POP server (port 110), when we only should have been running the encrypted version thereof (port 995). This wouldn't have been a problem if the port was blocked in the first place. I had wrongly assumed that any port NOT specifically listed in one's firewall rules (CentOS 5 with default iptables installation) would be blocked. I thought you had to add a rule to /etc/sysconfig/iptables in order to open up a port. Apparently this is NOT the case. So is it true that if I install some random software that starts listening on any number of ports that I have not specifically mentioned in /etc/sysconfig/iptables that it will not be blocked - it will work right away?
Anyway, I guess two questions:
1) What's a generic way to block a specific port? I use rules like this to "open" ports (although is this not needed if they're open anyway?)
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 995 -j ACCEPT
What's the analog of this kind of rule to *block* a port?
2) Is there a better way to configure iptables to block all ports that are not mentioned in its configuration? Is that dangerous? (will it block things that I don't want to block?)
i have been looking up ways to block websites in linux but most all of the free ones only block the sites the software makers want to (or you can't block just the sites you enter without blocking the sites that it wants to)i need to know how to block only websites i enter with squid using webmin
View 3 Replies View Relatedi have been studying linux for 3 month ,so i have solved some problems related with server part.The problem i have is the squid access.Can I allow some IP's to download files on squid.I mean i already give access to download by reply_body tag,andwant to give permission only one specific IP for unlimit access to download.Is there any solution
View 3 Replies View Related