I am thinking about setting something up that will allow an ssh user to tunnel through the server to view certain sites. However, I want the user who tunnels in to be allowed to view only certain sites, and not all sites.
I figured I could set this up through iptables; however, if I block all outbound sites, so goes the tunneled user. Is there a way to keep the tunnel alive while blocking all traffic outbound besides a named website, say google.com for example? The users tunneling in will have different IPs, so I cannot use that to allow the outgoing connections. The only thing I have thought of would be to somehow allow an active connection to be able to receive outbound traffic, if they have already been connected, but I am unsure if iptables can be set up this way.
Has anyone set something like this up before, or perhaps could point me in the right direction?
You can achieve all of the above by installing and configuring a squid proxy server on your server. To manage the access control, take a look at the following URL: http://www.linuxsecurity.com/resourc...AQ/FAQ-10.html. Also take a look at chapters 3 and 4 if you need any help installing and configuring the squid server. Once your squid proxy server is up and running on your server, you will need to set up an SSH tunnel from your client computer to the squid service which is running on your server.
Finally, the last thing you will need to do is to configure your web browser to use the proxy server to connect to the Internet.
---=== RoseHosting.com Admin ===--- Linux Cloud Hosting - linuxcloudvps.com Linux VPS Hosting - rosehosting.com
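The setup described in the answer above, as an added example that is not part of the original post: a Squid allowlist bound to loopback, plus an sshd `Match` block so the tunnel account can forward only to the proxy port. The account name `webtunnel`, port 3128 and the scratch output directory are assumptions.

```shell
#!/bin/sh
# Added example: constructed config. The account name "webtunnel", port 3128
# and the output paths are assumptions, not values from the thread.

# Squid side: listen on loopback only, allow only the named domains.
write_squid_conf() {   # usage: write_squid_conf FILE DOMAIN...
    out=$1; shift
    cat > "$out" <<EOF
http_port 127.0.0.1:3128
acl tunnel_clients src 127.0.0.1/32
acl allowed_sites dstdomain $*
acl web_ports port 80 443
http_access deny !web_ports
http_access allow tunnel_clients allowed_sites
http_access deny all
EOF
}

# sshd side: the tunnel account may forward to the proxy port and nothing else,
# otherwise "ssh -L" or "ssh -D" to any host would bypass the Squid ACL.
write_sshd_match() {   # usage: write_sshd_match FILE USER
    cat > "$1" <<EOF
Match User $2
    AllowTcpForwarding local
    PermitOpen 127.0.0.1:3128
    X11Forwarding no
    AllowAgentForwarding no
    PermitTTY no
    ForceCommand /bin/false
EOF
}

# Demo: write both fragments to a scratch directory for review before
# merging them into the server's squid.conf and sshd_config.
demo_dir=$(mktemp -d)
write_squid_conf "$demo_dir/squid.conf" .google.com
write_sshd_match "$demo_dir/sshd_match.conf" webtunnel
echo "fragments written to $demo_dir"

# Client: ssh -N -L 3128:127.0.0.1:3128 webtunnel@SERVER
# then set the browser's HTTP/HTTPS proxy to 127.0.0.1:3128.
```

After merging the fragments, `squid -k parse` and `sshd -t` check each file for syntax errors before the services are reloaded.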