Anyone know how to allow yum updates but to deny all other browsing on ports 80 and 443?
Thanks
iptables - allow yum update port 80 but deny browsing
-
gerald_clark
- Posts: 10642
- Joined: 2005/08/05 15:19:54
- Location: Northern Illinois, USA
Re: iptables - allow yum update port 80 but deny browsing
Don't install a browser.
Re: iptables - allow yum update port 80 but deny browsing
Since yum has to run as root you can use the -m owner --uid-owner 0 iptables parameters to only allow outbound connection on ports 80/443.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: iptables - allow yum update port 80 but deny browsing
Hi TrevorH
Your suggestion worked great!
Thx
Your suggestion worked great!
Thx
Re: iptables - allow yum update port 80 but deny browsing
Hi,
Is there an iptables way to allow access only to gmail.com, eventhough, there's a lot of
ip addresses belonging to gmail.com and often changing as well?
I would like to get a referal to a free course on iptables?
thx
Is there an iptables way to allow access only to gmail.com, eventhough, there's a lot of
ip addresses belonging to gmail.com and often changing as well?
I would like to get a referal to a free course on iptables?
thx
Re: iptables - allow yum update port 80 but deny browsing
Use a filtering proxy, e.g. Squid.
Root is evil: Do not use root (sudo) to run any of the commands specified in my posts unless explicitly indicated. Please, provide the necessary amount of context to understand your problem/question.