RE: [SLE] Re: [LRP] Blocking Access to External Sites
Hi, I think George is right, NS would wait for a long time. Although I've never used one there are proxys that will filter this out. I remember hearing about something called junkbuster that is supposed to do this, perhaps someone who knows more will chime in. Tim
-----Original Message----- From: George Toft [SMTP:grtoft@yahoo.com] Sent: Monday, January 03, 2000 2:57 PM
Thomas E. Wetmore wrote:
Hi I am using LRP 2.9.4 and want to block access to certain web
ads.doubleclick.net, 207.179.169.46, etc). In Windows, I can put the domain name in my hosts file and point it to my local web server. This, of course, adds traffic to my web server and does not work when the
sites (ie: link
on a web page is an IP address. How can I do this using LRP? Is the "hosts.deny" file for internal access to the router?
What would be the ramifications of this action? From what I've seen in Netscape, it will hang (for a while) waiting for an ACK of its SYN packet, which was blocked by the router. Am I off track here?
I've seen firewalls that block access to yahoo, and that's exactly what happens when you try to surf to yahoo. But if only one reference is blocked in a page, what will the browser do?
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
NS wouldn't wait, because your webserver can't find the URL NS is looking for, and returns an error immediately, unless of course, there is no webserver running. In that case you'd want to point those URL's to a webserver nearby which isn't logging much. Most proxies can filter these sites out. I know of a few like Novells BorderManager (sorry!). You can give numerous values like *sex*, *xxx*, *doubleclick*, *ads*, etc. If you let your firewall do this kind of thing on protocol level, you'd want to have a script importing a list of sites banned and let the firewall REJECT (not DENY) them, causing an immediate error from NS, like a broken pic or something. I've experimented with this an awful lot, and I find that this is not really the thing we'd want. I use a proxy for this. I'm not sure if squid can do this, but I'm sure there are ways... Good luck! Rogier Maas Tim Duggan wrote:
Hi, I think George is right, NS would wait for a long time. Although I've never used one there are proxys that will filter this out. I remember hearing about something called junkbuster that is supposed to do this, perhaps someone who knows more will chime in.
Tim
-----Original Message----- From: George Toft [SMTP:grtoft@yahoo.com] Sent: Monday, January 03, 2000 2:57 PM
Thomas E. Wetmore wrote:
Hi I am using LRP 2.9.4 and want to block access to certain web
ads.doubleclick.net, 207.179.169.46, etc). In Windows, I can put the domain name in my hosts file and point it to my local web server. This, of course, adds traffic to my web server and does not work when the
sites (ie: link
on a web page is an IP address. How can I do this using LRP? Is the "hosts.deny" file for internal access to the router?
-snip- -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
On Mon, 3 Jan 2000, Tim Duggan wrote: td> Hi, td> I think George is right, NS would wait for a long time. Although I've td> never used one there are proxys that will filter this out. I remember td> hearing about something called junkbuster that is supposed to do this, td> perhaps someone who knows more will chime in. td> It basically just sits there constantly trying to load the page. The page doesn't crash, doesn't display, and doesn't hang. WHen <EXC> is pressed the remainder of the page is displayed showing a bad image link in place of the particular add that is blocked. I was trying the following on mine and those were the results I had received. ipchains -A input -s 206.170.14.74 -j DENY ipchains -A input -s 209.249.169.52 -j DENY ipchains -A input -s 209.207.224.220 -j DENY I've also tried REJECT with same results. td> Tim td> td> > -----Original Message----- td> > From: George Toft [SMTP:grtoft@yahoo.com] td> > Sent: Monday, January 03, 2000 2:57 PM td> > td> > Thomas E. Wetmore wrote: td> > > td> > > Hi td> > > I am using LRP 2.9.4 and want to block access to certain web td> > sites (ie: td> > > ads.doubleclick.net, 207.179.169.46, etc). In Windows, I can put the td> > > domain name in my hosts file and point it to my local web server. td> > This, td> > > of course, adds traffic to my web server and does not work when the td> > link td> > > on a web page is an IP address. How can I do this using LRP? Is the td> > > "hosts.deny" file for internal access to the router? td> > td> > td> > What would be the ramifications of this action? From what I've seen td> > in td> > Netscape, it will hang (for a while) waiting for an ACK of its SYN td> > packet, td> > which was blocked by the router. Am I off track here? td> > td> > I've seen firewalls that block access to yahoo, and that's exactly td> > what td> > happens when you try to surf to yahoo. But if only one reference is td> > blocked td> > in a page, what will the browser do? td> td> -- S.Toms - tomas@primenet.com - homepage is in the works SuSE Linux v6.2+ - Kernel 2.2.13 Please, won't somebody tell me what diddie-wa-diddie means? -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
participants (3)
-
icarus@guldennet.nl -
tduggan@dekaresearch.com -
tomas@primenet.com