Looking to redirect all web requests (port 80) to a single url
-
I'm looking to mess with my room mate as he loves his porn, so I was thinking that if I assigned him a static IP based on his MAC address how would I go about redirecting all of that IP's web requests to a particular page say, http://www.lolcats.com/?
Thanks for feeding my interests in really messing with my friend. :-)
-
Just add a filewall rule so that any traffic from his IP address to port 80/443 on WAN network instead goes to port 80 on some external IP address for your lolcats.com site.
-
That wouldn't really be a firewall rule, that would be a nat/forward. And it wouldn't be on the wan interface either it would be on the lan.
So I show
;; ANSWER SECTION:
www.lolcats.com. 300 IN A 192.81.131.161So create nat: port forward, see attached. I did it for a test box of mine with source IP of 192.168.1.8 - created an alias called web for ports 80 and 443 so could put in one rule. but lolcats is not listening on https so doesn't work for that - just can not connect to anything https with this setup.
-
nice kid, no offence to him but he's not smart enough to think of https…
Thanks guys, Now I just wait until the next time he give me a bit of a hard time. :-)
-
Depending on whether you want to just prank him, or discourage the porn use altogether, either use the above suggestions, or checkout a content filter like squidguard or dansguardian. Even if you aren't trying trying to start a war with him, but just want to help protect your network from pesky trojan horses and spyware, take a look at squidguard and dansguardian. Since you can block URLs by category, you can filter out advertiser's sites, as well as block sites whose only purpose is to distribute malware - something good to have in place anyway. Then, if and when he gets you mad, a quick toggle from allow to deny for the porn category will get you even.
Moral of the story: Don't get mad, get even…
P.S.: You can set either an internal block page with a custom message, or redirect blocked pages to an external URL. So he would only see the lolcats page when he goes to his porn sites, but everything else would work fine. Oh, and if you are tempted to rub it in further by whitelisting your MAC or IP address, so you can say "I don't know what you are complaining about, it works fine here, see?". For pete's sake, set a password on your computer and a short screensaver timeout. Otherwise, you'll go to use your computer one day, and find your history full of porn, your compy full of spyware, and you'll find yourself wanting to take a clorox wipe to your keyboard...
