dhcp windows client port (nfcan: addressed to exclusive sender for this address)

Jim Laurino nfcan.x.jimlaur at dfgh.net
Sun Nov 13 04:13:35 CET 2005


On 2005.11.12 18:27, P theodorou - props666999 at hotmail.com wrote:
> Hello again
> 
> Does anybody know where I can find scripts with very restricted policies?
> If someone could suggest some, it would be very appreciated.

You cannot have a more restrictive filter rule set
than the one Rob Sterenborg already gave you.

Your original statement:

>> I wish the windows machine which receives Internet
>> from the firewall pc to be restricted fully
>> apart from the port needed to access the internet.

is ambiguous, because "the internet" is *everything*,
but you did use the singular, "the port".

So I am responding to what I think you
might be trying to accomplish.

My guess is you mean something more like "the web".

I think you mean that you want
to restrict the pc to just "web browsing".

If this guess is correct, then
what you need to understand is that this
is not really a job that a firewall can do.

A firewall can restrict the pc to access
just tcp port 80, but that does not really
restrict what kind of traffic can flow.

My guess is that making the pc use
a proxy web server may do what you want.

For Linux, you could look at squid:

http://www.squid-cache.org/

I hope that helps.

-- 
Jim Laurino
nfcan.x.jimlaur at dfgh.net
Please reply to the list.
Only mail from the listserver reaches this address.
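
The difference between allowing tcp port 80 and sending the pc through a web proxy, as an added example that is not part of the original message. The port check, the host allow list and the sample payloads are constructed for illustration and do not model squid's configuration or behaviour.

```python
# Constructed illustration: what a port rule can decide versus what an
# HTTP proxy can decide. Names, hosts and payloads are all hypothetical.
ALLOWED_METHODS = {"GET", "HEAD", "POST"}

def port_filter_allows(proto, dport):
    """A packet filter rule such as 'allow tcp to port 80' sees only this."""
    return proto == "tcp" and dport == 80

def proxy_allows(payload, allowed_hosts):
    """A proxy has to parse the request, so it can refuse non-web traffic."""
    head = payload.partition(b"\r\n\r\n")[0]
    lines = head.split(b"\r\n")
    parts = lines[0].split(b" ")
    if len(parts) != 3 or not parts[2].startswith(b"HTTP/1."):
        return False, "not an HTTP request"
    method = parts[0].decode("ascii", "replace")
    if method not in ALLOWED_METHODS:
        return False, "method %s not permitted" % method
    host = None
    for line in lines[1:]:
        name, sep, value = line.partition(b":")
        if sep and name.strip().lower() == b"host":
            host = value.strip().decode("ascii", "replace").lower()
            break
    if host is None:
        return False, "missing Host header"
    if host.split(":")[0] not in allowed_hosts:
        return False, "host not in allow list"
    return True, "ok"

# Constructed first bytes of three connections, all made to tcp port 80.
SAMPLES = {
    "web request": b"GET /index.html HTTP/1.1\r\nHost: www.example.org\r\n\r\n",
    "ssh banner on port 80": b"SSH-2.0-OpenSSH_4.2\r\n",
    "unlisted site": b"GET / HTTP/1.1\r\nHost: other.example.com\r\n\r\n",
}

def compare(allowed_hosts=frozenset({"www.example.org"})):
    """Return {sample: (port filter verdict, proxy verdict)}."""
    return {name: (port_filter_allows("tcp", 80),
                   proxy_allows(data, allowed_hosts)[0])
            for name, data in SAMPLES.items()}

if __name__ == "__main__":
    for name, (fw, px) in compare().items():
        print("%-22s port filter: %-5s proxy: %s" % (name, fw, px))
```

The port rule passes all three connections because it never looks at the payload; only the proxy check can tell the web request from the rest.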


