Networking :: Block A Domain Using URL Filter?
May 6, 2010Can you show me how to block a domain from local access through URL Filter?ay be an example is a very good start.
View 10 RepliesCan you show me how to block a domain from local access through URL Filter?ay be an example is a very good start.
View 10 RepliesFilter access server through the net only to authenticated users from domain controller (Win2k). Server (Centos)(Firewall with 2 nic), which makes access to the net, with only 196MB RAM (PIII500Mhz), so I do not want a solution based on proxy or what resources it uses large I want a solution with a script that runs at login on windows this check series HDD and to communicate with Linux server that's open accessor another simple solutionNow just use only MAC filtering on
View 1 Replies View RelatedI'm trying to set up an mail filter for our domain. At the moment we're using ClearOS as the filter, works OK but I still get something through and the blacklist and whitelist doesn't seem to work. I was hoping to set up a mail filter on my own, using Spamassassin and/or something else. It seems I have to buy subscription at ClearOS to make it update better or something. I might just do that, it's just tempting to find a way to do it on "my own". I tried to follow these instructions but I don't seem to go anywhere... ...I began with setting up the base server as it is shown there. I've setup quite a few Linux servers, mainly as firewall/gateway kind of things but also some DNS servers, web servers and so on.
I have one mail server and the mail filter is supposed to be on the outside to filter mail before it hits the mail server.
I want to filter and block failed attempt to access my proftp server. Here are few line from the /var/log/secure file:Quote:
Jan 2 18:38:25 server1 proftpd[17847]: server1.XYZ.com (93.218.93.95[93.218.93.95]) - Maximum login attempts (3) exceeded
Jan 2 18:38:27 server1 proftpd[17864]: server1.XYZ.com (93.218.93.95[93.218.93.95]) -
[code]....
The first filter does not work, the second does...why?
Code: Select allelsif allof (
body :contains ["some text", "Some Text"],
address :domain :is "From" "amazon.de"
)
{
redirect "someemail@gmx.net";
}
elsif allof (
body :contains ["some text", "Some Text"],
address :domain :is "From" "yellowstone.bohlsen.lan"
)
{
redirect "someemail@gmx.net";
}
I even saved the amazon.de email from thunderbird as .eml and used it as a testmail to check the second filter
Code: Select allcat /tmp/amazon-main | mail mylocalusername@yellowstone.bohlsen.lan
that worked without problems.
the amazon email address that is sending me mails is:
Code: Select allbestellbestaetigung@amazon.de
#hostname -f
yellowstone.bohlsen.lan
Im trying to get postfix to filter my outgoing mail and basically drop everything that is not in my hash table.
So far I managed to get this going
Code:
Code:
Unfortunately those rules also apply to incoming messages. My goal is to disallow users on my host to change their "MAIL FROM" to anything they like and restrict them to domains I specify. I'm aware that the local part still is variable and a user of domain "foo.com" could use a email of domain "bar.com", but still some of my troubles would be solved if I get this running.
Is it possible to block a subdomain or a one lower level directory URL access from other hosts or network ? I have a site running on my server and i want to block the particular directory under the domain, with the exception of loopback access? I mean the directory must be accessible from loopback/localhost.
[url] on port 10016(expect loopback)
[url] on port 10016 (expect loopback)
Code:
In our mail server we are taking lots of hits. In the maillog there's a hell of rejected mail like these:
Code:
I Have a script which search for the IP and block those. I'm having problem if IP block the RCPT IP's.
Instead i want to block the sender domain, like in this example, shareme.com. What's shall i modify in my script to do this?
Code:
I want to block a domain name in sendmail server. I added the domain name and "REJECT"in /etc/mail/access file. What has to be done for the changes to take effect? when i run make command in /etc/mail dir i get following error : make: Nothing to be done for `all'.
View 1 Replies View RelatedI have a problem with sites or domain blocking by squid proxy server in rehl 5. I have trying lots of time but i'm not succed.pls help me how to block sites or domain in rhel 5.
View 3 Replies View RelatedI've got a home server running Ubuntu Server 9.04 and several machines running Ubuntu Desktop (9.04 and 8.04) and Windows (XP, Vista and 7). Now what I want to do is to create a domain and directory server similar in function to Windows Server w/ AD and join my other machines to the domain, but am not sure where to start. I already have file shares with Samba but now I want to setup a domain.
View 3 Replies View RelatedAt the school i work in i have a server2k3 server that provides a domain to all the windows clients, aswell as a fedora server that acts as an imaging machine and webserver.
Im rather concious of the fact that if for any reason the Server2k3 server was to die there is no backup of active directory, or anything that can take its place whilst a replacement is found.
So is it possible to use a fedora machine with samba as a secondary domain controller? so it can be used as a login server, and has a copy of AD.
I'd like to set up an iptables configuration as follows:- Allow all traffic by default- For one user account (anonymous), block all traffic except:- All traffic on lo- All DNS requests, which should be redirected to 127.0.0.1Here's what I tried:
# Redirect
iptables -A OUTPUT -p udp -m owner --uid-owner anonymous -m udp --dport 53 -j REDIRECT --to-ports 53
[code]....
Is it possible to only view certain chains and more specifically certain chain policies with options when doing:
iptables -L
I would like for example view FORWARD ACCEPT rules instead of waiting for all of the drop rules to load when viewing a firewalled iptables.
On my diskless cluster, I want to open a port on the image that nodes use it.Here is what I get:
Code:
root@server:~# chroot /home/nfsroot/
root@server:/# iptables -A INPUT -p tcp -d 0/0 -s 0/0 --dport 4949 -j ACCEPT
[code]...
ntop installed on CentOS5 system running as squid using yum. Starting ntop on command line and not as daemon and gives error for illegal filter.
Code:
Fri Aug 20 14:10:12 2010 NOTE: Interface merge enabled by default
Fri Aug 20 14:10:12 2010 Initializing gdbm databases
[code]....
I have a problem here for which I am unable to find any relevant info on google. I have an openfiler server and another server which is running OEL(redhat5). When i give the following command iscsiadm -m discovery -t sendtargets -p 192.168.2.13it only gives me one line output which is:192.168.2.13:3260,1 iqn.2006-01.com.openfiler:tsn.03821172572cNone of the mapped LUNS gets identified neither it shows me any message that it is connecting. I have setup CHAP in openfiler to accept an incoming user plus gave access to my OEL server.Any feedback is helpful. If you need the contents of /etc/iscsi/iscsid.conf file let me know
View 1 Replies View Relatedi wanted to do bandwidth management/traffic shaping on my Internet link(have two internet connections), but i have some questions to ask: I want to know how could i for example filter some traffics using tc and iptables (e.g Peer-to-Peer,IM,Download Managers,Flash videos..) i can do filtering for known services like http,ssh,... but since these applications doesn't use one port, i am confused a little bit. I also want to do some bandwidth allocations (based on protocol) thats why i need filtering.
The other question is that currently i am using tc for bandwidth allocation and iptables for marking packets to send to these classes, am i doing it right? I mean it does work, but is it better to use for example "U32" filters for filtering? P.S: i tried to use ClearOS in gateway mode, but it doesn't have bandwidth allocation functionality. Does anyone know if i could do bandwidth allocation in ClearOS/Endian.
I have a need to make a rather odd filter in tcpdump- I would like to capture only all those packages on interface eth0, that are outgoing(in other words from IP 192.168.1.1, which is IP for eth0 in this computer) and doesn't have src MAC address 11:22:33:44:55:66. However, fallowing command says, that syntax is wrong:
Code:
tcpdump -n -p -i eth0 src host 192.168.1.1 ether src not 11:22:33:44:55:66
Is this possible? If yes, then what is the correct command?
I am new comer in this forum and the beginner on freeBsdI have a problem on how to implement the spam filter program on mail server, the problem is i have no idea on how to implement and test the spam filter program on the mail server and where should i put the program? is it in pop3?
View 3 Replies View RelatedI am new to fedora and I've installed fedora 14, I want to know what are the steps to make my machine act as a transparent (IP-less) bridge? Second, after setting the bridge, I want to make all the packets that passes through the bridge execute a servlet filter (to make some tests and add cookies) is it possible? Is there a simpler way to do those tests on the packets and add cookies?
View 4 Replies View RelatedI'm using ubuntu server 10.04 with openvpn installed on it. My vpn is working fine, all the users can connect without any issue.My problem is that I'm unable to filter the VPN traffic using openvpn. I can't allow all users to be able to interact with other vpn users. I need to avoid this kind of traffic.I was trying to build an iptables firewall, but I just noticed that my openvpn traffic isn't being filtered by iptables.In FORWARD chain, no matter what rule I use openvpn would continue to allow traffic between my clients. It does appear that openvpn is skipping FORWARD chain?For example:
Code:
# iptables -L FORWARD -nv
Chain FORWARD (policy DROP 0 packets, 0 bytes)
[code]....
last friday my schools isp enabled iwsva - interscan web security virtual appliance from trendmicro. all traffic is now filtered, and slowed down. videos and other videostreams are now useless. after this we have had serious problems using our netbooks with ubuntu, and upgrading workstations with ubuntu has become very problematic, or almost impossible. i have to run the update process 6-8 times before all packages are updated.
what can i do to document the problem in a good way. the isp tells me that there are no problems, and that it has to be a linux problem. (ever heard that one before?) the ltsp-clients on my debian servers does not have the same problems, maybe because they are using the proxy on this server?
I've been trying for a couple days now to get netem rate limiting to work on a Fedora 12 i686 virtual machine (both on VMware Fusion and KVM), and have had no success.In order to do outbound rate limiting, I want to use the netem token bucket filter (TBF), as described here:[URL]Unfortunately, attempting to use the TBF results in this error:
Code:
[root@f12-build ~]# tc qdisc add dev eth1 parent 1:1 handle 10: tbf rate 256kbit buffer 1600 limit 3000
[code]...
I was wondering if there is any way to enable an MS Windows client that is otherwise unable of joining a domain to join a domain controlled by (open)SUSE? Is that inability only for joining a Windows based domain but a client that runs XP Home Edition or similar domain- incapable version of Windows could join a domain if it was controlled by Linux?Pardon my newbie style, but answer doesn't have to be detailed step-by-step, just yes/no answer with some pointers would do. I am not new to linux but new to network services... search engines weren't friendly when asked this question at the search bar...
View 2 Replies View RelatedI want to give Administrator privileges to Root user in Linux Domain Controller
View 12 Replies View Relatediam using centos5.2.configured qmail,vpopmail. while adding domain form vadddomain<domain.co.in> At first time domain folder get created in domains directory.and also postmaster user also get created by default.And also in mysql. Now the problem is after some times or rebooting system domain get erased automatic.also in /var/qmail/users/assign file domain name get erased.
View 1 Replies View Relatedi had created domain but not getting domain in /var/qmail/user/assign file.also it error /home/vpopmail/bin/vdominfo abc.co.inInvalid domain name
View 2 Replies View Relatedi have registered two domain names that i want to use to connect to my ubuntu server. I was wondering how to do this i was looking at bind9 but that didn't work that great. The server is behind a router with firewall i can connect to it using the external IP address but i like to use the two domain names if that is possible.
View 3 Replies View RelatedAt work, we run Windows... Windows domain, windows workstations, etc. Today my boss asked me my thoughts on running an Ubuntu lab within the mixture of our existing Windows setup.
Well, that brought several questions to mind. So I understand you can bind an Ubuntu computer to a Windows domain, seems easy enough, whether you do it through Samba or the other guide I read that I kind of forget at the moment, but anyway...
I was just curious how Ubuntu interacts with domain users when on the windows domain. For example, if we have an Ubuntu machine on the Windows domain with a local user "administrator" and that's it, would any domain users be able to log into the Ubuntu work station, similar to how it is on Windows?