How to blk acces to the internet?
I am not sure if should post this here.
I need to know how it is possible to block access to:
- Full internet
- Fulle internet, except some pages
- Chat programs
Please, can you explain it in a simple way. Cause I don´t understand how to do it….
Well, assuming that you are referring to traffic originating from your LAN segment destined outbound, you would simply create firewall rules in the LAN segment explicitly denying all traffic from your LAN IPs (or any IP) destined to any. This applies to chat programs to.
Restricting access to only certain websites gets a bit trickier. I would create rules to deny traffic to all, and then create an allow traffic to certain IP with a higher priority than that deny rule.
So if I get it right it isn´t possible to make for every user a rule of which pages he can or can not access?
It is that in the company almost every user can access only some sites and mostly they are different (departments sales, comercial, buying, stock,…)
Adminsitration: only access to the banks
Stock: Only access to the providers
Sales: Only access to Google, and some other sites
restricting websites is best done using something like Squid - you can maybe use the package in pfSense for this.
there are some useful threads here: http://forum.pfsense.org/index.php/board,15.0.html
yes indeed about Squid. I am getting into that.
I managed already to make a filter and add some IPs to it.
Now my next object is to create for every user a filter.
I have this in Squid.inc:
acl semirestricted_hosts src "/var/squid/acl/semirestricted_hosts.acl"
acl semirestrictedlist dstdom_regex -i "/var/squid/acl/semiwhite.acl"
Now, should I just add two more lines to create another filter?