On Thu, 16 Mar 2006 14:50:38 +0100, Tomasz wrote:
>URLs, but whole IP ranges? I see that most porn sites are in the same
Why not block all IPs full stop, then only allow the ones you
know are safe?
Create a destination for all your safe IP addresses, then block
the rest with "!in-addr":
dest ip_accept {
// safe IPs
urllist in-addr/ip-addresses.accept
}
Use a url list to give you just a little bit more control, e.g.:
we know this one is safe:
http://212.67.202.62/~nodassoc/
But haven't tested 212.67.202.62 so it remains blocked.
Then in your ACL, in this order:
pass !porn ip_accept !in-addr all
Ant
--
Anthony W Owen BSc(Hons) <[EMAIL PROTECTED]>
ICT Network Manager. Fallibroome High School. Priory Lane
Macclesfield. Cheshire. SK10 4AF. Tel: 01625 827 898
http://www.fallibroome.cheshire.sch.uk/
