Allow only gmail.com access

Support section for FREESCO v0.3.x

Allow only gmail.com access

Postby Pombero » Mon Jun 28, 2010 2:54 pm

Hi guys :
I've a local pc ( 192.168.6.15 ) included in ban list ( bl,192.168.6.15 ) to forbid access to internet but now i must to allow access only to following sites :
https://mail.google.com/a/xxxxx.com
https://www.google.com/calendar/hosted/xxxxx.com
https://docs.google.com/a/xxxxx.com/
How i can to do this ?
I've a freesco 0.3.4 box.
TIA
Best regards.
User avatar
Pombero
Newbie
 
Posts: 8
Joined: Thu Dec 19, 2002 2:32 pm
Location: Argentina

Re: Allow only gmail.com access

Postby Lightning » Mon Jun 28, 2010 7:49 pm

Hmmm allowing or denying a IP address at any time is easy. Allowing or denying a specific URL or IP address is also easy. But banning a specific URL and sub directory from a specific IP is not possible with just FREESCO.
However it is possible with a proxy server installed on FREESCO. My first suggestion would be to try out the Junkbuster package. It is specifically designed to do just what you are asking. There is also the squid package which can also be configured to do what you are asking but it is a LOT more difficult to configure and it is a lot more system taxing. But it can also do a LOT more than Junkbuster can do.
If you are afraid that you might make a mistake. The chances are high that you will never learn anything.
User avatar
Lightning
FREESCO GOD !!
 
Posts: 12079
Joined: Wed Nov 14, 2001 6:50 am
Location: Oregon, USA

Re: Allow only gmail.com access

Postby Pombero » Tue Jun 29, 2010 7:44 am

Hi :
Thanks Lightning by the feedback. I'll try your suggestion.
Now i've other pc ( included too in ban list ) that i must allow access only to http://www.intermedicina.com as soon as possible.
How i can to do this ?
TIA.
best regards
User avatar
Pombero
Newbie
 
Posts: 8
Joined: Thu Dec 19, 2002 2:32 pm
Location: Argentina

Re: Allow only gmail.com access

Postby Lightning » Tue Jun 29, 2010 7:23 pm

If you install Junkbuster as suggested, then it is just a matter of using command lines like these in the sacfile.ini configuration
Code: Select all
#  Allow FREESCO to browse anywhere
permit  localhost   0.0.0.0/0
#  Allow the entire subnet to go anywhere
permit  192.168.6.0/24   0.0.0.0/0
# Deny one IP from going anywhere
deny  192.168.6.15   0.0.0.0/0
# Allow only specific sites for this one IP
permit  192.168.6.15  https://mail.google.com/a/xxxxx.com
permit  192.168.6.15  https://www.google.com/calendar/hosted/xxxxx.com
permit  192.168.6.15  https://docs.google.com/a/xxxxx.com/

In this type of configuration you can still leave those machines listed in the ban list. Because in essence with the proxy server running the actual request for web pages will come from FREESCO for those clients and not be part of the forwarding table. By doing that you can elimate the possibility of anyone figuring out a way around the proxy server.
You may also want to add a custom forwarding rule so that the proxy server is transparent.

Also be aware that it has been a LONG time since I really played with Junkbuster and any further support for the Junkbuster package should be posted in third party package support for 0.3.x
If you are afraid that you might make a mistake. The chances are high that you will never learn anything.
User avatar
Lightning
FREESCO GOD !!
 
Posts: 12079
Joined: Wed Nov 14, 2001 6:50 am
Location: Oregon, USA


Return to FREESCO Support for v0.3.x

Who is online

Users browsing this forum: No registered users and 4 guests