Can you allow users to view specific web sites with the terminal?
I've read that you can block your computer from going to specific web sites
by using the terminal to type in the blocked web sites and run some command.
Can you also use the terminal to type in a set of web sites that you only want to allow? In other words, while I'm not home, I only want a user to be allowed to visit say, ESPN.com, the weather channel, and spaceweather.com. Can I use the terminal to only let the computer visit these 3 sites and block ALL other sites or can you only type in the sites you want to block?
If you can type in a list of sites to visit only, can you set it up for a user so that when the computer is shut down and then turned on again later, these allowed sites are always set?
Thanks in advance to all who answer or comment...
by using the terminal to type in the blocked web sites and run some command.
Can you also use the terminal to type in a set of web sites that you only want to allow? In other words, while I'm not home, I only want a user to be allowed to visit say, ESPN.com, the weather channel, and spaceweather.com. Can I use the terminal to only let the computer visit these 3 sites and block ALL other sites or can you only type in the sites you want to block?
If you can type in a list of sites to visit only, can you set it up for a user so that when the computer is shut down and then turned on again later, these allowed sites are always set?
Thanks in advance to all who answer or comment...
Comments
$ host www.espn.com (to lookup ip for www.espn.com)
$ ipfw add deny all from 199.181.132.250 to 1.2.3.4
1.2.3.4 being the ip of the machine your on
$ ipfw list
use this to see the rules
$ ipfw delete 100 200 300 400
deletes rules 100 200 ...
$ you don't actually need to do the host lookup as you can also enter
$ ipfw add deny all from www.espn.com to 1.2.3.4
Cool huh!
BTW ESPN has a swag of other sites such as sports.go.espn.com (or something) so you will probably need to block these as well.
Hope this helps.
Dobby.
open Terminal
$ ipfw add 10000 deny ip from any to 1.2.3.4
the 10000 is the row number as firewalls process rules on order of preference.
$ ipfw add 100 allow ip from ip_address_of_espn to 1.2.3.4
increment the row number 100 when adding further ips.
Dobby.