Firewall Wizards mailing list archives

Re: Blocking MSN (and any other service for that matter)


From: Chuck Vose <vosechu () roman-fleuve com>
Date: Thu, 22 Apr 2004 10:56:55 -0700

# table IM not permitted
table <NoIM> { 192.168.1.210 192.168.1.211 192.168.1.212 192.168.1.213
192.168.1.214 192.168.1.215 192.168.1.216 192.168.1.217 192.168.1.218
192.168.1.219 192.168.1.220 192.168.1.221 192.168.1.222 192.168.1.223
192.168.1.224 192.168.1.225 }

I wonder if there isn't a better way to do this. Seems like every time
you add an intern or lose one you have to adjust this table unless
they're using the same MAC address. What if they bring in a laptop?

The method my school uses is to allow all people access to a subnet of
wounded IPs; these can't do anything interesting other than contact the
registration HTTP server. Once registered, it gives the computer a
permanent IP and writes their info in a file so that the firewall can
decide what to allow through.

Instead:
table <NoIM> { hash:/var/dhcp-intern-hosts }

Or whatever the equivalent is. Would this be feasible / useful in this
case?
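
Editor's added example (not part of the original post): assuming the firewall is OpenBSD pf, as the quoted table syntax suggests, a table can be loaded from a file and swapped at runtime, so the intern list never has to be edited in pf.conf. The registration file format and the function names below are hypothetical; only the path /var/dhcp-intern-hosts comes from the post.

```shell
#!/bin/sh
# Added example, not from the original post. Assumed (hypothetical) registration
# file format, one host per line:  <ip> <mac> <role>
# pf.conf side:  table <NoIM> persist file "/var/dhcp-intern-hosts"

# Constructed sample data standing in for the registration server's file.
sample_registrations() {
    cat <<'EOF'
# ip            mac               role
192.168.1.210   00:11:22:33:44:01 intern
192.168.1.50    00:11:22:33:44:02 staff
192.168.1.211   00:11:22:33:44:03 intern
192.168.1.999   00:11:22:33:44:04 intern
192.168.1.210   00:11:22:33:44:05 intern
EOF
}

# build_noim_table REGFILE OUTFILE
# Write the addresses of hosts registered as "intern" to OUTFILE, one per
# line, de-duplicated. Malformed addresses are reported and skipped so one bad
# registration cannot make the table load fail.
build_noim_table() {
    reg=$1 out=$2
    tmp=$(mktemp "${out}.XXXXXX") || return 1
    awk '
        /^[ \t]*#/ || NF == 0 { next }      # comment or blank line
        $3 != "intern"        { next }      # only interns are denied IM
        {
            n = split($1, o, ".")
            ok = (n == 4)
            for (i = 1; ok && i <= 4; i++)
                if (o[i] !~ /^[0-9]+$/ || length(o[i]) > 3 || o[i] + 0 > 255)
                    ok = 0
            if (ok) print $1
            else printf "skipping bad address: %s\n", $1 > "/dev/stderr"
        }' "$reg" | sort -u > "$tmp" || { rm -f "$tmp"; return 1; }
    mv "$tmp" "$out"    # rename into place so pf never reads a partial file
}

# reload_noim OUTFILE: replace the live table contents without a ruleset reload.
reload_noim() {
    pfctl -t NoIM -T replace -f "$1"
}

# Script usage: intern-table.sh REGFILE OUTFILE
if [ "$#" -eq 2 ]; then
    build_noim_table "$1" "$2" && reload_noim "$2"
fi
```

Run it from the registration server's post-registration hook or from cron; the block rule that references <NoIM> stays unchanged.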
