Re: Idea: RDP based demo site for Debian Edu Wheezy
[Petter Reinholdtsen]
> But it allow us developers to check out RDP and the current Wheezy
> desktop, and test if RDP access is a useful thing to set up for
> everyone. As it only give access to users that can already log into
> user.skolelinux.no and do almost the same as now can be done on
> ghost.skolelinux.no, I did not spend time locking down the machine.
> It will probably change in the future.
I enabled the "exam mode" on the machine, ie blocking network access
to everything except selected subnets.
diff --git a/debian-edu/netblock b/debian-edu/netblock
new file mode 100644
index 0000000..e6bc15c
--- /dev/null
+++ b/debian-edu/netblock
@@ -0,0 +1,4 @@
+#
+# Block all network access, but make sure NFS mounts to
+# administrator.skolelinux.no and DNS lookup still work.
+internalnet="$internalnet 158.36.191.128/25 129.240.2.40/24"
diff --git a/netgroup b/netgroup
new file mode 100644
index 0000000..ec387cd
--- /dev/null
+++ b/netgroup
@@ -0,0 +1 @@
+netblock-hosts (localhost,-,)
Not sure why the host name is localhost, so there is still some
investigation to do here. :)
--
Happy hacking
Petter Reinholdtsen
Reply to: