Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Alexey2015-06-17 09:01:35
linux
Alexey, 2015-06-17 09:01:35

What are the options for resolving sites (by dns-names) on Linux?

There are 2-3 dozen remote subdivisions with 1-3 PCs, subdivisions behind Asus WL-500 routers, openwrt now stands on them (routers). The task is to block all in/out traffic from the PC, except for the list of allowed DNS names and services, such as googledrive, hangouts, dropbox.
looking for a stable solution and easy to maintain.
it looks like setting up a router to allow openvpn traffic from a PC (PCs will raise the openvpn channel) to the central server, and block / allow on the central server.
but how to resolve sites (dns-names) and the listed services for clients?
share your ideas plz.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
M
Max, 2015-06-17
@nerdsav

what prevents you from setting up routes from remote sites to access the Internet through 1 point in the head, either set up a firewall or a proxy at this point?
I’ll clarify right away - if you want to see statistics (who, when and where), then a proxy is better. On it, you can also raise the antivirus scan.
Proxy is better on a PC, the router starts to stupid shamelessly.

Report
A
Alexey Cheremisin, 2015-06-17
@leahch

About how many wonderful discoveries we have. A friend is preparing enlightenment.

Alas, this is a vicious way! Absolutely vicious!
If the employees don’t do anything (like I do now), then it’s not the employee who needs to be screwed, but the management and bosses, or the employees should be sent on vacation, time off, transferred to crackers and yeast.
Having closed the Internet, they will fiddle with tablets and communicators, spit on the smoking room and kiss around the corner.
Well, now the suggestions. Put a simple proxy with authorization, just block the rest of the ports nafig.

Report
E
Eugene, 2015-06-17
@yellowmew

And why raise a vpn on a PC if the router is supposed to handle it?
Collect all traffic from offices (without Internet access for PCs) to the central one, then drive on the Internet as it should.

Similar questions
N
Nikita Reshetnyak2019-10-07 07:26:25
Why can't you hear the interlocutor in the absence of a tunnel between offices? 2Reply
A
Alexey1002019-02-04 08:33:21
How to get nearest parent with unique selector? 4Reply
A
AkZwork2020-10-12 21:32:53
How to do dd with automatic sending in MegaCMD? 1Reply
I
Ivan2018-12-20 13:15:33
Falling off hdd from raspberry pi 3b+? 2Reply
A
Arcatanden2016-07-22 11:18:23
How to write a Linux Mint installation USB flash drive that is readable on a MacBook 5.2? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question