Hello all, I have an interesting situation here.

My current situation is: I have a Linux server which acts as a gateway for several other Linux servers. Currently this server is the only one with a firewall, and all the other servers forward their traffic through this guy.

Problem: I have a user who wants to use Firefox locally on one of the internal nodes. He has an app that displays data that his code writes out in a web browser. Currently, I have 80 and 443 blocked on the gateway node and I wish it to remain that way. We don't want the users to be able to browse the web from these internal systems, so this must remain blocked.

Is there a way I can block Firefox on the internal systems from getting to the web at the gateway host? Currently the traffic is tunneled over ssh, so it just gets forwarded out without being inspected and users are able to pull back websites. I thought about dropping 80 and 443 on the outbound of the internal systems, but quickly realized users need to use wget to pull in data from some other sites.

I really would like to know if there is a way to drop 80 and 443 and somehow allow wget (doubtful), but hopefully someone has a clever little trick.

