Hello all, I did ask this question few days back, and Patrick reply with intresting suggestion. After few more try here's the result. Problem 1. I use wingate as proxy server behind STN, so that I could enable filters (basically XXX) however some smart guy will always bypass it in Netscape/IE. Wingate IP 192.168.0.100 STN I.P 192.168.0.1 Workstations IP 192.168.0.n ( n= 101 , 102 ...) I manage to prevent those guys bypassing the Wingate and going direct by blocking the outgoing service on STN, the following are the lines, please anyone could try and let me know. ipfwadm -O -f ipfwadm -O -i deny -P tcp -S 192.168.0.107/32 -D 0.0.0.0/0 80 ipfwadm -O -i accept -P tcp -S 192.168.0.100/32 -D 0.0.0.0/0 80 line no 2 is only for ip address 192.168.0.107, should be as below if I need to block many. ipfwadm -O -i deny -P tcp -S 192.168.0.0/24 -D 0.0.0.0/0 80 Anyone care to try and give feedback. Thanks. Affnan ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com -- Visit http://www.ShareTheNet.com for info about ShareTheNet Visit http://www.topica.com/lists/sharethenet for info about this list _____________________________________________________________ Who will win the Oscars? Spout off on our Entertainment list! http://www.topica.com/lists/showbiztalk
