I would recommend looking into squid or some other filtering proxy. The
fundamental problem with using iptables/hosts restrictions is wildcard
matching for subdomains and various other technical details that you end
up sinking a vast amount of time to resolve. There are also several
commercial solutions that can be implemented at the firewall/router
level on a per-machine or per-user basis.
-Mark
On 05/11/2012 03:31 PM, Tam Nguyen wrote:
Hi Christopher,
-You can ALLOW vs. DENY, REJECT using /etc/sysconfig/iptables rules.
-You can also, in the httpd.conf file, under the directives *Order
allow,deny*, you can specify allow or deny access to ip address
To deal with DHCP or IPs change, you should research RARP on how to
request IP address from Physical address. Then you will have to come up
with a script that will updated your server.
Good luck
On Fri, May 11, 2012 at 3:33 PM, Christopher Tooley <ctoo...@uvic.ca
<mailto:ctoo...@uvic.ca>> wrote:
Hello All,
I've been requested to whitelist websites for a local user here,
apparently the internet is extremely distracting for work, save for
certain sites - has anyone done something like this before? I know I
could put IPs and website addresses in /etc/hosts, but I don't want
to have to fix the hosts file whenever IPs change.
This will be entirely for one computer.
The only thing I can think of is to have a cron script that will
periodically update the /etc/hosts file with the correct IPs and
addresses - any other suggestions?
Thanks,
-Chris
--
Mr. Mark V. Stodola
Digital Systems Engineer
National Electrostatics Corp.
P.O. Box 620310
Middleton, WI 53562-0310 USA
Phone: (608) 831-7600
Fax: (608) 831-9591