Hello,
I have installed tomato firmware on Linksys E900 route. we have team of 50 users. I am trying to put in place below access restriction policy:-
1. White List (access to only sites which added in white list)
2. Block List (Always blocked)
3. Full internet access for selected users
I searched for some scripts which can allow me to perform the above access restriction but it is not working.
Below is the scrip i used
# Allow these hosts unrestricted access
iptables -A wanout -i `nvram get lan_ifname` -m mac --mac-source <allowed MAC #1> -j ACCEPT
iptables -A wanout -i `nvram get lan_ifname` -m mac --mac-source <allowed MAC #2> -j ACCEPT
# Allow everyone access to these sites
iptables -A wanout -i `nvram get lan_ifname` -d www.yahoo.com -j ACCEPT
iptables -A wanout -i `nvram get lan_ifname` -d www.gmail.com -j ACCEPT
# Everything else gets blocked
iptables -A wanout -i `nvram get lan_ifname` -j DROP
Any help would be appreciated.
Thanks
Mahendra Shivsharan
I have installed tomato firmware on Linksys E900 route. we have team of 50 users. I am trying to put in place below access restriction policy:-
1. White List (access to only sites which added in white list)
2. Block List (Always blocked)
3. Full internet access for selected users
I searched for some scripts which can allow me to perform the above access restriction but it is not working.
Below is the scrip i used
# Allow these hosts unrestricted access
iptables -A wanout -i `nvram get lan_ifname` -m mac --mac-source <allowed MAC #1> -j ACCEPT
iptables -A wanout -i `nvram get lan_ifname` -m mac --mac-source <allowed MAC #2> -j ACCEPT
# Allow everyone access to these sites
iptables -A wanout -i `nvram get lan_ifname` -d www.yahoo.com -j ACCEPT
iptables -A wanout -i `nvram get lan_ifname` -d www.gmail.com -j ACCEPT
# Everything else gets blocked
iptables -A wanout -i `nvram get lan_ifname` -j DROP
Any help would be appreciated.
Thanks
Mahendra Shivsharan