From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ua2fgb@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on sa.int.altlinux.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.7 required=5.0 tests=AWL,BAYES_00 autolearn=ham
	version=3.2.3
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:received:received:message-id:disposition-notification-to:date:from:user-agent:mime-version:to:subject:references:in-reply-to:content-type:content-transfer-encoding;
	bh=BAgKS3r9/+gdNHmFMYcWyBeyOk/jlkya/PhLtv2SHoc=;
	b=MiBGkeBWc8srI5mQUKv/9K9KQHGA1fd2q/hZ5yn+RgmbyeA2rvtz+iTxhlGm6yoCZaLZ1OxMOj5qAZ6ZBG1xZMlGkjJR4rEE+z8GC9xitJ4TA89HezhifQtiIUjcoTSvyLmHLh6pjRgOdSnqX8gb+yzUFWIieINPT0F51knoTh0=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=message-id:disposition-notification-to:date:from:user-agent:mime-version:to:subject:references:in-reply-to:content-type:content-transfer-encoding;
	b=bOr/zMqLzwu9WDkhebGBPZaQiXxzAsIUhMfWG64KODZxU1xgeWvlWEExpp5DDvnjDXLViY6g/5KVJC+bqCWUC/MHm2xb9R+EciBp/fXtvOaOWk6KPXCM5AX9zTD+lEZKw2YQyspeJtjZhw/5u4u8XCyGtuY0MpO1xMucSFDToFw=
Message-ID: <48034778.20205@gmail.com>
Date: Mon, 14 Apr 2008 15:00:56 +0300
From: "ua2fgb@gmail.com" <ua2fgb@gmail.com>
User-Agent: Thunderbird 2.0.0.12 (X11/20080213)
MIME-Version: 1.0
To: "Andrey V. Samopal" <coma@admin.dn.ua>, 
	ALT Linux sysadmin discuss <sysadmins@lists.altlinux.org>
References: <1185606685.20080304112143@admin.dn.ua>	<20080304115537.GC29305@ricom.ru>	<1489759428.20080411174424@admin.dn.ua>	<20080411205308.GA9432@ricom.ru>
	<583470998.20080414100922@admin.dn.ua>
In-Reply-To: <583470998.20080414100922@admin.dn.ua>
Content-Type: text/plain; charset=KOI8-R; format=flowed
Content-Transfer-Encoding: 8bit
Subject: Re: [Sysadmins] =?koi8-r?b?c3F1aWQgwszPyyDXINDF0sXS2dch?=
X-BeenThere: sysadmins@lists.altlinux.org
X-Mailman-Version: 2.1.10b3
Precedence: list
Reply-To: ALT Linux sysadmin discuss <sysadmins@lists.altlinux.org>
List-Id: ALT Linux sysadmin discuss <sysadmins.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/listinfo/sysadmins>,
	<mailto:sysadmins-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/sysadmins>
List-Post: <mailto:sysadmins@lists.altlinux.org>
List-Help: <mailto:sysadmins-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/sysadmins>,
	<mailto:sysadmins-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Apr 2008 12:01:07 -0000
Archived-At: <http://lore.altlinux.org/sysadmins/48034778.20205@gmail.com/>
List-Archive: <http://lore.altlinux.org/sysadmins/>

Andrey V. Samopal пишет:
> Решил проблему двумя строка добавляемые скриптом в iptables
> iptables -A INPUT -i eth0 -s ip -d ip -p tcp --dport 3128 -m state --state RELATED,ESTABLISHED -j DROP
> iptables -t nat -I PREROUTING -i eth0 -s ip -d ip -p tcp --dport 3128 -j REDIRECT --to-ports 80
>   
Как вариант, можно прикрутить dansguardian. Он умеет работать с 
периодами времени. Можно блокировать доступ и в обед и по выходным.