[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Firewall - How blockade the files .exe

On Tue, 23 Mar 2004, Leandro F. de Mesquita wrote:
> I use iptable, I want blocked all files .exe in protocol ftp.

iptables is really not the tool you want to use for this.

A better way to achieve this result would be to implement a squid proxy
server, with rules that do not permit fetching .exe files via ftp

Then, block access to ftp via iptables, except from the squid server.

Your clients can then only get ftp through the proxy, which implements
your rules at a level that actually makes reasonable sense.


An expert is a person who has made all the mistakes which can be made
in a very narrow field.
        -- Niels Bohr

Reply to: