[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Internet access controled by user/protocol



Am Mittwoch, den 29.06.2005, 10:12 -0300 schrieb Marcelo Magno T. Sales:
> Hi,
> 
> I was studying nufw (www.nufw.org), which seemed to solve my problem
> using an iptables module, but this site has been off-line for several
> weeks now :(

You are misunderstanding what ISA exactly is. ISA is a Proxy/Firewall
and Socks Filter all above Proprietary M$ Stuff.

I had a quick lock at the nufw sources and you really don't want to use
it. Controlling Internet Access can be done on an easy way:

Define two groups. Internet-Allowed and Disabled. Make different Policys
for them. The Allowed gets the correct Proxy Server, the Disabled gets a
wrong one. And disable the Modification of the Explorer Environment
through your Policy.

You can also plug the SMBD to the AD with kerberos and samba. Use the
Squid NTLM Login and make rules to groups. I never got that fully
working. 

Good Luck.

> TIA,
> 
> Marcelo
> 


-- 
 Stefan Held                    VI has only 2 Modes:
 obi unixkiste org              The first one is for beeping all the time, 
 IRCNet: Obi_Wan                the second destroys the text.   
---------------------------------------------------------------------------
perl -e'map{print pack c,($|++?1:13)+ord,select$,,$,,$,,$|}split//,ESEL.$/'
---------------------------------------------------------------------------
    GPG-Keyprint = EAF2 6A65 D102 F2DB 4970  2A67 455B 98F2 572C 3FA9


Attachment: signature.asc
Description: This is a digitally signed message part


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]