Server :: Using IPtables To Filter Based Off Url?

Oct 8, 2010

I have a very simple set up.With Network Manager I can have my laptop act as a router (sharing all connections).I also have apt-cacher-ng as a debian package cacher.I would like to set up iptables to filter only the urls that are meant for a debian package cacher.
For example:I could use a "forward all" rule:

Code:
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3142
Except then I would get a bunch of error pages every time I tried to do normal navigating.My question (again) is: Can iptables handle forwarding only on a specific url? If so how?Or is there another solution? (prferably without full fledged software like squid)

View 3 Replies


ADVERTISEMENT

Server :: Potfix Email Filter Based On Sender And Recipient To Forward Messages?

Nov 2, 2010

We have MS Exchange email server with postfix/amavis on FreeBSD as proxy for anti-spam and anti-virus. We use our own developed CRM and trying to implement such functionality that when CRM manager send email to CRM client or vice versa through email client like Outlook (no plugins for CRM) this message would be shown in CRM. There is already a solution to parse emails from specific emailbox and show it in CRM.

What I need is to create postfix email filter to check if sender email is in file CRM_managers_emails and recipient email is in file CRM_clients_emails then forward that email to [URL] Filter should check both incoming and outgoing messages. I will auto generate CRM_managers_emails and CRM_clients_email files containing all such emails taken from CRM database. I know i should use something like Postfix After-Queue Content Filter but most of examples are for blocking emails.

View 3 Replies View Related

Networking :: Iptables Redirect Before Filter?

Apr 9, 2010

I'd like to set up an iptables configuration as follows:- Allow all traffic by default- For one user account (anonymous), block all traffic except:- All traffic on lo- All DNS requests, which should be redirected to 127.0.0.1Here's what I tried:

# Redirect
iptables -A OUTPUT -p udp -m owner --uid-owner anonymous -m udp --dport 53 -j REDIRECT --to-ports 53

[code]....

View 3 Replies View Related

Security :: Filter Condition Based On Full Hostname?

May 19, 2010

How to filter condition based on full hostname? ie. allow inbound packets to port 25 if the packet comes from [URl]..

View 1 Replies View Related

Networking :: Filter Chain And Policy For Iptables -L?

Mar 26, 2010

Is it possible to only view certain chains and more specifically certain chain policies with options when doing:

iptables -L

I would like for example view FORWARD ACCEPT rules instead of waiting for all of the drop rules to load when viewing a firewalled iptables.

View 3 Replies View Related

Networking :: Can't Initialize Iptables Table `filter'?

Apr 29, 2011

On my diskless cluster, I want to open a port on the image that nodes use it.Here is what I get:

Code:
root@server:~# chroot /home/nfsroot/
root@server:/# iptables -A INPUT -p tcp -d 0/0 -s 0/0 --dport 4949 -j ACCEPT

[code]...

View 12 Replies View Related

Ubuntu Security :: Iptables How To Filter SMTP W/o S/MIME

Jul 10, 2011

Does anyone know the iptables statement that will block inbound SMTP messages that are NOT S/MIME encrypted?

View 1 Replies View Related

Networking :: ISPs Content Filter Making For Based Laptops And Workstations?

Feb 8, 2011

last friday my schools isp enabled iwsva - interscan web security virtual appliance from trendmicro. all traffic is now filtered, and slowed down. videos and other videostreams are now useless. after this we have had serious problems using our netbooks with ubuntu, and upgrading workstations with ubuntu has become very problematic, or almost impossible. i have to run the update process 6-8 times before all packages are updated.

what can i do to document the problem in a good way. the isp tells me that there are no problems, and that it has to be a linux problem. (ever heard that one before?) the ltsp-clients on my debian servers does not have the same problems, maybe because they are using the proxy on this server?

View 5 Replies View Related

Ubuntu Servers :: Using Iptables To Get Web Usage Statistics And Filter Urls?

Dec 16, 2010

I'm deploying new ubuntu server which should act as a router. I've already set up the NAT for local network, and also did some shaping for different groups of users, but now I'm facing new problem.I need to make a scheduled URL filter. I know it's not a problem with cron and simple script, but maybe there is existing way to do that? And also, I need to make statistics on web-traffic. I need to have list of URLs visited by users (source ip, destination url). Is it possible with iptables? or with any other software but without using proxy servers.

View 9 Replies View Related

Networking :: Bandwidth Management With It / Ubuntu - Filter Traffics Using Tc And Iptables

Jan 1, 2011

i wanted to do bandwidth management/traffic shaping on my Internet link(have two internet connections), but i have some questions to ask: I want to know how could i for example filter some traffics using tc and iptables (e.g Peer-to-Peer,IM,Download Managers,Flash videos..) i can do filtering for known services like http,ssh,... but since these applications doesn't use one port, i am confused a little bit. I also want to do some bandwidth allocations (based on protocol) thats why i need filtering.

The other question is that currently i am using tc for bandwidth allocation and iptables for marking packets to send to these classes, am i doing it right? I mean it does work, but is it better to use for example "U32" filters for filtering? P.S: i tried to use ClearOS in gateway mode, but it doesn't have bandwidth allocation functionality. Does anyone know if i could do bandwidth allocation in ClearOS/Endian.

View 1 Replies View Related

Programming :: Filter Source Line Based On Results Line In Log Using Awk And Sed

Apr 5, 2011

I have a log file with entries such as;

Where result is 0 or more.

I want to get the list of file names where result count is more than 0 (in other words filter out files names with result 0).

File name and result are in two different lines in log file.

How can i filter file name based on result?

View 5 Replies View Related

Ubuntu Servers :: Ubuntu Based Web Filter

May 18, 2011

I am looking to build a Ubuntu based web filter. What we would like it to do is block access to certain sites for our company. We have had several employees get caught spending hours on end on gambling sites so we would like to restrict access to websites on a per user basis.What I am looking for is a piece of software or suite of software that can filter websites based on a blacklist/whitelist or category based scenario. I need to be able to authenticate users. For example I would like it so that when the CEO logs in he can go to whatever website he wants, while most other staff members are blocked from accessing things in the blacklist or categories.

I remember from a recent trip to a hospital that they had all internet traffic re-routed to their landing page and that you had to agree to specific terms on that page before you could do anything else. Something like that might be useful as well.

View 2 Replies View Related

Security :: IPTABLES - Restrict Internet Access Based On Time Of Day And MAC Address

Feb 6, 2010

I am trying to configure my Linux router to restrict Internet access for one computer on my LAN. It needs to be restrictive based on the time of day and the days of the week. I am using the MAC address of the computer to single out the one computer that needs to be blocked. However, this is my first attempt at making any rules with iptables, and I am not sure if I am doing this right. If some one can take a look at this I would greatly appreciate it. This is what I have done so far.

Here is my thinking. Create a new target. Check the MAC address, if it is NOT the offending computer return to the default chain. If it is the offending computer check that we are between the allowed hours and dates and ACCEPT. If we are not within the time/date range then drop the packet.

Code:

Here I am trying to route all packets regardless of the computer on the LAN into the blocked_access chain for checking.

Code:

Is it a good idea to route all traffic through the blocked_access chain? I do run other servers that are accessible from the Internet, so I am not sure how this setup will affect that. I also use shorewall on the router to setup iptables for me. How would I integrate this with shorewall?

I am using squid to block access when he is using the web browser. However, he is still able to play games(World of Warcraft) and the like.

I am using Debian sid, iptable(1.4.6), shorewall(4.4.6), kernel 2.6.32-trunk-686.

View 7 Replies View Related

Software :: Use Server To Act As A Internet Filter/cache Server?

Mar 20, 2009

what distro do you recomend to use creat a server to filter and cacheall internet activity?
this is for a cybercafe each pc will have some restritions others not

View 2 Replies View Related

Server :: CentOS Server - Filter Login Failed?

Mar 6, 2011

We have a CentOS server which has beed restarted due to some reason. Now we have ping to the server and we can reboot it via KVM, but the server loads to some messaageThis is filter.unknown_domain (Linux ...)Filter Login:and then it stops. Do you have an idea what might be the problem and how can we fix it?

View 2 Replies View Related

Server :: Powerpath And Filter Out SDX Disks

May 3, 2009

We use powerpath on RHEL servers, with at least 2 paths to each disk, as you know the powerpath creates a pseudo devices called emcpowerX. I was wondering if there is any overhead if we don't use the lvm.conf to filter out all sdX disks? Except the "duplicate PV found" messages on LVM, does it delays the boot of the server?

View 1 Replies View Related

Server :: Squid For Lan Filter And Apache2

Nov 22, 2010

Im currently serving a web in apache2; no problems I recently set up squid to filter internet for my LAN users.

***i dont want squid to accelerate WEB requests in my apache2.

So the problem is that SQUID blocks my 192.168.1. LAN denied attemps, so far, its ok BUT IT ALSO BLOCKS ANY OF THE INTERNET USERS TRYING TO REACH MY HOSTED WEB.

Can i have both servers in the same box without interferring each other?

View 6 Replies View Related

Server :: Apache: Can Filter The User's Login Name

Oct 29, 2010

Where I work, the IT people have the systems setup (wrongly in my opinion) to require not just the user's username but to have the username pre-pended with regional info. Like this:Username: RegionName//UserNamePassword: ********The server I maintain doesn't require this (even though I have it authenticate through the same services as the rest of IT (active directory via ldap))The problem is I see lots of authentication errors in my apache error_log file because people are using the RegionName//UserName login

View 1 Replies View Related

Server :: Setup An Mail Filter For Domain?

Aug 11, 2010

I'm trying to set up an mail filter for our domain. At the moment we're using ClearOS as the filter, works OK but I still get something through and the blacklist and whitelist doesn't seem to work. I was hoping to set up a mail filter on my own, using Spamassassin and/or something else. It seems I have to buy subscription at ClearOS to make it update better or something. I might just do that, it's just tempting to find a way to do it on "my own". I tried to follow these instructions but I don't seem to go anywhere... ...I began with setting up the base server as it is shown there. I've setup quite a few Linux servers, mainly as firewall/gateway kind of things but also some DNS servers, web servers and so on.

I have one mail server and the mail filter is supposed to be on the outside to filter mail before it hits the mail server.

View 3 Replies View Related

Programming :: Filter Out The Additional Packages That Exist On A New Server?

Apr 15, 2010

I've got two files. They both contain package names. Is there any way I can go through the package list on one file, and search to see if each package exists in the other file? What I'd want to do, is if the package name is found in the the main file, then go to the next line. If its not found then print that package name to another file.

I know you can use diff, but it doesn't seem to be that straight forward. As I understand it diff searches line by line, so if line one doesn't match line one in another file, then it prints it out. That's not exactly what I want.

I just really need an easy way to filter out the additional packages that exist on a new server. If I have a list of packages that aren't on the original server, then i can just delete them.

Not sure if I've made any sense but there must be a quicker way to do what i need to. It would take me ages to scan manually through the package names in each list, and highlight the ones i dont need.

View 2 Replies View Related

Server :: Email Content Filter Rules For Either Postfix

Feb 3, 2010

I want a mail server that can work just like MDaemon. The reason is, I want to have an email content filter rule that does some thing like this.

1. If the To Header contains "support@thisdomain" then run a program.
What this means is that, there is a program here in the office, and if some one sends an email to the support address, with an attachment of .exe and that person is a customer, then the program should be run. The only thing I need here is if there is a rule or script that can filter email header and run a program.

2. If the Exit Code from a previous 'Run program' rule is in the range of 1 to 100 and if the To Header contains "support@thisdomain" then send note1 "to<email address>" from <$SENDER$" "SUBJECT <AM ...>
and delete this message.

3. If the EXIT CODE from a previous 'Run program' rule is =0 and if the TO HEADER contains "support@thisdomain" then send note1 "to<email address>" from <$SENDER$" "SUBJECT <AM ...>
and delete this message.

View 7 Replies View Related

Server :: SquidGuard - Ldap Doesnt Filter Users?

Mar 21, 2011

I have a setup of squid3 with ntlm authen and I use squidGuard 1.5 to filter my web traffic. My squid3 is authenticating users properly and parsing all rules. The problem is with squidguard which doesn't seem to filter out users. below is my squidguard config.

Code:
dbhome /usr/local/squidGuard/db
logdir /usr/local/squidGuard/log

[code]....

View 3 Replies View Related

Networking :: Implementing The Spam Filter On Mail Server On FreeBsd?

Feb 8, 2010

I am new comer in this forum and the beginner on freeBsdI have a problem on how to implement the spam filter program on mail server, the problem is i have no idea on how to implement and test the spam filter program on the mail server and where should i put the program? is it in pop3?

View 3 Replies View Related

Server :: Perl Program To Filter Emails For Specific Rules

Feb 4, 2010

Please what will it take me to write a perl full functioning program to filter emails for specific rules? Will that be possible? The actual thing am trying to get is to write a perl program and attach to a mail server so that, when the mails come in, the perl script get call and then the perl program will let another external program that is not on the server run and check or filter the mails.

View 8 Replies View Related

Server :: Postfix Filter Outgoing Mail By Sender Domain ?

Jun 17, 2010

Im trying to get postfix to filter my outgoing mail and basically drop everything that is not in my hash table.

So far I managed to get this going

Code:

Code:

Unfortunately those rules also apply to incoming messages. My goal is to disallow users on my host to change their "MAIL FROM" to anything they like and restrict them to domains I specify. I'm aware that the local part still is variable and a user of domain "foo.com" could use a email of domain "bar.com", but still some of my troubles would be solved if I get this running.

View 2 Replies View Related

Ubuntu Servers :: Filter Out Emails On Postfix Server By GeoIP Data?

Dec 2, 2010

I've been looking for a way to filter out emails on my postfix server by GeoIP data. I couldn't find anything that fitted the bill so wrote my own in Python as a postfix policy. Thought I'd post it here to see if it's of any use to anyone else. I've attached a tar of the files as the Python formatting will get mucked up by the forum code. Comments/improvements are welcome (be kind ) First file is : policyd-geoip which is owned by root:root and placed in /usr/bin with 755 perms

[Code]...

View 3 Replies View Related

General :: Filter And Block Failed Attempt To Access Proftp Server?

Jan 7, 2011

I want to filter and block failed attempt to access my proftp server. Here are few line from the /var/log/secure file:Quote:

Jan 2 18:38:25 server1 proftpd[17847]: server1.XYZ.com (93.218.93.95[93.218.93.95]) - Maximum login attempts (3) exceeded
Jan 2 18:38:27 server1 proftpd[17864]: server1.XYZ.com (93.218.93.95[93.218.93.95]) -

[code]....

View 9 Replies View Related

Ubuntu Security :: Add Smtp Authentication To Postfix Installation Used As Spam Filter For Exhange Server

Feb 26, 2010

I followed this How To (https://help.ubuntu.com/community/Postfix) in order to add smtp authentication to my Postfix installation used as spam filter for my exhange server, and it'seem all ok; the only thing that I don't understand is where I list all the users (with passwords) that I authorize to send mail through my server...

View 3 Replies View Related

CentOS 5 Networking :: Filter Access Server Through The Net Only To Authenticated Users From Domain Controller (Win2k)?

Jul 17, 2009

Filter access server through the net only to authenticated users from domain controller (Win2k). Server (Centos)(Firewall with 2 nic), which makes access to the net, with only 196MB RAM (PIII500Mhz), so I do not want a solution based on proxy or what resources it uses large I want a solution with a script that runs at login on windows this check series HDD and to communicate with Linux server that's open accessor another simple solutionNow just use only MAC filtering on

View 1 Replies View Related

Server :: Text Based Server Install - Unable To Get Past Boot Screen

Dec 29, 2010

I am trying to install either Ubuntu or CentOS server in text mode only. The problem I am having is that the hardware that I am trying to install it on has no vga output, I can only connect to it via console cable. I am able to boot from USB CDROm or flash drive but unfortunately since the hardware does not have a gpu (atleast none that I'm aware of) I am unable to get past the boot screen. If someone can point me in the right direction or know where I would be able to download the text install of either OS, that would be awesome.

View 11 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved