Date: Fri, 11 Jul 2003 14:45:31 +0100 (BST) From: Jan Grant <Jan.Grant@bristol.ac.uk> To: Abdul Malik Abbasi <abdulmalikabasi@hotmail.com> Cc: questions@FreeBSD.org Subject: Re: how to block ping from clints Message-ID: <Pine.GSO.4.44.0307111437440.19920-100000@mail.ilrt.bris.ac.uk> In-Reply-To: <BAY2-F104oygXLsxpTl00001d33@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 11 Jul 2003, Abdul Malik Abbasi wrote: > > Dear sir, > > i want to drop (Deny) all users from my lan and wan to my Squid > Server Runing BSD, > > i just want to allow one my local system to ping it. Bit of an odd request, but you should be able to do this by blocking IMCP echo-requests from your lan/wan addresses. You can utilise the IPFW firewall setup for this (there are details in the handbook). I'm not clear why you'd want to do this; maybe you're trying to create a transparent proxy? In which case, there's quite a bit more to it that this; but the subject has been covered before (google can help here). > 2ndly i want to stop pop messege from internet . > > tell me which command i will use I'm not sure if you're referring to the windows messaging client popup adverts that are apparently quite common these days, or to web-browser pop-up adverts. If the former, you need to block the NetBios port range (which is 135-139 udp and tcp - but check with MS knowledge base for up-to-date security info here) at your firewall. If the latter, the situation is quite complex and solutions can vary depending on exactly how you want to go about it. You can simply deny access to known advertising sources (via squid or firewall) or look at client browser configuration (there are options or plugins to control the spawning of new windows via javascript available for pretty much every flavour of modern browser). A final alternative might be to investigate "scrubbing" web-pages as they're delivered by your proxy server. I'm sorry this is vague; your second question is a bit unclear. Cheers, -- jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/ Tel +44(0)117 9287088 Fax +44 (0)117 9287112 http://ioctl.org/jan/ Just because I have nothing to hide doesn't mean I have nothing to fear.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.44.0307111437440.19920-100000>