[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Visitor based netoworking

one way would be be to first redirect all outgoing traffic via iptables
to a webserver with an auth-cgi. after authentication new iptables/tc
rules are inserted for the current user-ip. i don't know if there is
already such a script, but i think it would be no big problem. 
perhaps the pam_iptables is also possible with pam_auth in squid...


On Die, 2003-06-10 at 19:53, Stefan Neufeind wrote:
> But what if you need an "open" system? Not loggin into domain but 
> loggin in via webinterface? E.g. when they try to surf the net they 
> get redirected to "authenticate here first".
> On 10 Jun 2003 at 9:06, Bastian Winkler wrote:
> > perhaps the following could fit your needs:
> > http://linux-rep.fnal.gov/howtos/Authentication-Gateway-HOWTO/
> > personally i use pam_iptables in combination with a samba PDC to
> > control network access with iptables+htb for windoze-clients on domain
> > logon. its a nice way to control some special kaazaa users whatever
> > machine they use ;-)
> > 
> > buz
> > 
> > On Mon, 2003-06-09 at 22:36, Alex (LEX) Borges wrote:
> > > I know this is doable by hand, but im wondering if anyone knows of a
> > > cool set of scripts or something for visitor based netoworking
> > > (something like dhcp+cbq+iptables to control whos accesing what and
> > > to allow acces to a network where you should on a time basis...etc.
> > > Think hotels with eth access or airports with wifi)

Reply to: