redirect of banned users in firewall

Author:black - Thu Oct 14 16:33:17 2004

The table `macs` has a field `mac`, which identifies the banned computer, and a field `status`, which identifies the state of the computer.

To redirect the users:
# one REDIRECT rule per banned MAC; grep -v mac drops the column header line
for mac in $( echo "SELECT mac FROM macs WHERE status='banned';" | mysql -u fwuser bannedusers | grep -v mac ); do
        iptables -t nat -A PREROUTING -i eth1 -p tcp -d ! -m mac --mac-source $mac --dport 80 -j REDIRECT --to-port 8080
done

The rule is restricted to destination hosts other than the local (
Such connections are directed to port 8080 on the local machine.
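The loop above passes whatever the database returns straight to iptables and appends the same rules again on every run. The following is an added example, not the original author's script: it validates each MAC before use and rebuilds a dedicated chain atomically. The gateway address (a placeholder from the documentation range), the chain name BANNED_REDIRECT and a current iptables with `! -d` syntax and iptables-restore are assumptions.

```shell
#!/bin/sh
# Added example. GATEWAY_IP is a placeholder, BANNED_REDIRECT is a
# hypothetical chain name; both are assumptions, not values from the page.
GATEWAY_IP="${GATEWAY_IP:-192.0.2.1}"
LAN_IF="${LAN_IF:-eth1}"
CHAIN="BANNED_REDIRECT"

# True only for six colon-separated hex octets; anything else is rejected
# before it can be interpolated into a firewall rule.
valid_mac() {
    printf '%s\n' "$1" | grep -Eqx '([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}'
}

# Reads one MAC per line on stdin and prints an iptables-restore payload that
# rebuilds $CHAIN from scratch, so repeated runs never stack duplicate rules.
build_payload() {
    echo "*nat"
    echo ":$CHAIN - [0:0]"
    while IFS= read -r mac; do
        [ -n "$mac" ] || continue
        if valid_mac "$mac"; then
            echo "-A $CHAIN -p tcp -m mac --mac-source $mac -j REDIRECT --to-ports 8080"
        else
            echo "skipping invalid MAC: $mac" >&2
        fi
    done
    echo "COMMIT"
}

# Needs root, mysql and iptables, so it only runs when called with "apply".
apply_rules() {
    # If the query fails, stop here and leave the current rules in place.
    macs=$(mysql -N -u fwuser bannedusers \
           -e "SELECT mac FROM macs WHERE status='banned'") || return 1
    # With --noflush only the chain named in the payload is emptied and refilled.
    printf '%s\n' "$macs" | build_payload | iptables-restore --noflush || return 1
    # Hook the chain into PREROUTING once (-C tests for an existing rule).
    set -- PREROUTING -i "$LAN_IF" -p tcp ! -d "$GATEWAY_IP" --dport 80 -j "$CHAIN"
    iptables -t nat -C "$@" 2>/dev/null || iptables -t nat -A "$@"
}

if [ "${1:-}" = "apply" ]; then apply_rules; fi
```

Run it with the argument `apply` from cron or whenever the `macs` table changes; without the argument it only defines the functions.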

On port 8080 a virtual host runs with an index.php that redirects to example.org/banned.php and an ErrorDocument 404 directive that also points at example.org/banned.php (and thus catches subdirectories and other pages in the original request).

<?php header("Location: http://example.org/banned.php"); exit; ?>

ErrorDocument 404 http://example.org/banned.php

<VirtualHost *:8080>
    DocumentRoot /var/www-banned/
    ServerName gateway.example.org

    <Directory /var/www-banned/>
        Options Indexes Includes FollowSymLinks MultiViews
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>

In httpd.conf:

Listen 80
Listen 8080
