Masquerading

01-03-2004, 02:40 PM

Hi,

can someone help me and tell me how to prevent a group of PCs from
accessing the internet?

I am using RD8 IPTABLES Masquerading, and would like to prevent IPs
from 10.1.5.1 to 10.1.5.50, subnet 255.0.0.0 from accessing the WWW.

Thanks alot.

Ali Rafeek

01-03-2004, 04:33 PM

"Ali Rafeek" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) om...
> Hi,
>
> can someone help me and tell me how to prevent a group of PCs from
> accessing the internet?
>
> I am using RD8 IPTABLES Masquerading, and would like to prevent IPs
> from 10.1.5.1 to 10.1.5.50, subnet 255.0.0.0 from accessing the WWW.

The specified netmask covers all hosts in the 10.x.x.x network from 10.0.0.0
to 10.255.255.255.

Your host range does not fit any binary subnet cleanly, so if it's not
allowed to block the whole range from 10.1.5.0 to 10.1.5.63, you have to
make it in pieces:
- allow 10.1.5.0
- reject 10.1.5.0 to 10.1.5.31
- reject 10.1.5.32 to 10.1.5.47
- reject 10.1.5.48 to 10.1.5.49
- reject 10.1.5.50

You have also think whether *all* Internet connectivity is to be rejected,
or connections to port 80 (and maybe secure HTTP and proxy ports).

HTH

Tauno Voipio
tauno voipio @ iki fi

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Traceroute & IP masquerading	Ivar Rosquist	Linux Networking	3	01-07-2007 09:32 PM
VPN Masquerading problem	bolero92@yahoo.com	Linux Networking	0	12-29-2004 03:06 PM
Two routers masquerading?	PenguinsAnonymous@NotaChance.com	Linux Networking	5	08-17-2004 08:17 AM
IP Masquerading	Tejas Kokje	Linux Networking	1	04-14-2004 02:42 AM
non-masquerading firewall	FEEB	Linux Networking	3	01-30-2004 02:46 PM