Solved

Proxy/Firewall Info

Posted on 2004-11-02
211 Views
Last Modified: 2013-11-16
I wanted to build a proxy/firewall.  I am currently running IPCop which runs fine with the exception I wanted to be able to give certin users internet access and block others.  I would also like to be able to block certin sites for some users and not for others.  I don't have alot of money to throw at this so the cheaper solution the better. I tried CensorNet but could not get it to intergrate with my server 2003 active directory, so I have Disregarded that solution.

Thanks in Advance
0
Question by:2hype
    11 Comments
     
    LVL 1

    Expert Comment

    by:mrxcol
    If you want, you can try installing a linux machine and set up iptables. It's fast and powerfull. Once you get to manage it (it's hard to catch up) but it's a very powerfull firewall.
    0
     
    LVL 8

    Accepted Solution

    by:
    Here is a very cost effective solution, if you are planning to build your own box, (Yes you can use a old crappy computer)

    http://www.linuxrouter.org/

    http://www.frazierwall.com/

    Hope this helps you out...

    Marakush
    0
     

    Expert Comment

    by:pwslgl
    That fixed the error, now it comes up with this:


    Warning: Wrong parameter count for define() in D:\Domains\dagger3d.com\wwwroot\forum\attach_mod\pm_attachments.php on line 24

    Warning: Cannot modify header information - headers already sent by (output started at D:\Domains\dagger3d.com\wwwroot\forum\attach_mod\pm_attachments.php:24) in D:\Domains\dagger3d.com\wwwroot\forum\includes\sessions.php on line 308

    Warning: Cannot modify header information - headers already sent by (output started at D:\Domains\dagger3d.com\wwwroot\forum\attach_mod\pm_attachments.php:24) in D:\Domains\dagger3d.com\wwwroot\forum\includes\sessions.php on line 309

    Fatal error: Cannot redeclare reordercat() (previously declared in D:\Domains\dagger3d.com\wwwroot\forum\admin\admin_album_cat.php:51) in D:\Domains\dagger3d.com\wwwroot\forum\includes\functions_jr_admin.php on line 199
    0
     

    Expert Comment

    by:pwslgl
    Sorry, wrong forum.
    0
     
    LVL 13

    Author Comment

    by:2hype
    I want this to be a proxy/Firewall in one box.  It must be capable of blocking certain websites for certain users.  This is in a school enviroment,  Students move around from computer to computer so it would have to block the user not the computer.

    The above links dont provide the proxy and the restricting user access
    Thanks
    0
     
    LVL 1

    Expert Comment

    by:mrxcol
    Again, try linux. You can configure iptables (firewall) on a per user basis to block user access. Also you can use squid (caching proxy) also on a per user basis or on a general basis to block certain pages. I use it to block child access to pornography. With some distros like mandrake 9.0, everithing (proxy and firewall) install inmmediately with no additional task to be done.

    Then you can edit /etc/squid/squid.conf and add lines to block pages. If you want to try this way tell me so i post the whole things to be done.
    0
     
    LVL 13

    Author Comment

    by:2hype
    Do you know of a site or have some documentation how to set up linux and configure IP tables.

    Thanks
    0
     
    LVL 1

    Expert Comment

    by:mrxcol
    This is one of the best tutorials i've found.

    http://iptables-tutorial.frozentux.net/iptables-tutorial.html


    If you speak spanish this one also has many practical samples showing what can you do in different scenarios:

    http://es.tldp.org/Manuales-LuCAS/doc-iptables-firewall/doc-iptables-firewall-html/
    0
     
    LVL 8

    Expert Comment

    by:Marakush
    TheLearnedOne,

    Sounds good to me....

    Marakush
    0
     
    LVL 13

    Author Comment

    by:2hype
    Never Had Time yet to fool around with IPtables.  So I'll assume it will work for me.  
    Right now I use a combination of IPCop and MSProxy.

    Thanks Everyone
    0
     
    LVL 8

    Expert Comment

    by:Marakush
    IPCop is sweet....

    Good Luck!

    Marakush
    0

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Threat Intelligence Starter Resources

    Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

    This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
    If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
    After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    846 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    12 Experts available now in Live!

    Get 1:1 Help Now