1
I use iptables for other sites as:
iptables -A OUTPUT -o EXTERNAL_IF -m owner --uid-owner USERNAME -d DESTINATION_WEB -j REJECT
It works for most sites except ones having a large range of IPs. What is the best way to achieve this? Please note that I need different rules for each user.
Mustafa Orkun Acar
Posted 2014-08-25T18:14:18.693
Reputation: 173
0
Iptables isn't very good at this - you'd need to block every IP address that these sites use (and there are many). A better solution would be to use a proxy server. Quintolabs.com has a very nice and powerful squid/icap based implementation that will do exactly what it is that you seek.
nod
Posted 2014-08-25T18:14:18.693
Reputation: 478
0
The most effective way to achieve this is to install squid proxy, group users you want blocked form such sites in a group that redirects such sites to 127.0.0.1 to display blocked site message.
You can look at the ACL wiki for squid, for details.
R J
Posted 2014-08-25T18:14:18.693
Reputation: 480