DaLight, I appreciate very much for your help and yes, if you can send me the iptable commands. I will try that and hope this solves the school problem.
Actually, since you're using using Banish, you could do this through Banish as well. If you want to specify iptables rules manually in your rc.local file, I would recommend disabling Banish so you don't get any conflicts. What do you want to do?
Thanks again mate. I haven't worked with iptables before so I would like to try and experiment with it. I use Banish because that's the only option I got in IPCop to block users from downloading during office hours.
# Added for Banish
#echo -e "Enabling Banish...............................\c"
#/etc/rc.d/rc.Banish start
# End Banish
#bar access for all IPs
/sbin/iptables -A CUSTOMFORWARD -i $GREEN_DEV -s 10.0.0.0/24 -o $RED_DEV -j DROP
[/code:1]
Change 10.0.0.0 to your internal network settings. Note that Banish startup commands have been commented out.
Note that the above will block any IP level access for any computers on your network. They will now need to go through the proxy. You can also allow unlimited access for priviledged IPs (like yours for example!) by inserting the following command BEFORE the last command.
[code:1]
/sbin/iptables -A CUSTOMFORWARD -i $GREEN_DEV -s 10.0.0.x -o $RED_DEV -j ACCEPT
[/code:1]
where 10.0.0.x is the IP address to be exempted.
You can also add new iptables commands and test them without restarting your IPCOP by changing to the "/etc/rc.d" directory and running "./rc.local"
