Use IPTables (or a frontend, like Shorewall or FireStarter), set up firewall policies to deny all incoming and outgoing packets on all ports. Allow access to DHCP and the DNS server, however!! Then, add individual outgoing allow rules to the IP of allowed websites and the associated ports (usually 80 and/or 443) -- jdong