[NoCat] How to restrict access for authenticated user
Jean-Philippe CAMBOURNAC
jpcambou at free.fr
Mon Sep 25 07:14:17 PDT 2006
Hi all,
I want to restrict access for authenticated users. Let me explain:
When a user is authenticated, he has full access to the Internet (http,
https, pop, smtp, imap, ssh...):
(from .../nocat/bin/initialize.fw (on the GW))
(...)
# Handle tagged traffic.
#
for iface in $InternalDevice; do
    for net in $LocalNetwork; do
        for fwmark in $classes; do
            # Only forward tagged traffic per class
            $fwd -i $iface -s $net -m mark --mark $fwmark -j ACCEPT
(...)
Replacing the last line by :
            for port in "80 443"; do
                $fwd -i $iface -p tcp --dport $port -s $net -m mark --mark $fwmark -j ACCEPT
            done
But this "Patch" doesn't work. Perhaps on the bin/access.fw file...
So, if anybody has an idea where I can define firewall rules to
restrict access to only http and https for authenticated users, it will
help me a lot.
Thanks.
Regards,
Jean-Philippe.
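
Added example, not part of the original post or of NoCat's own scripts: a dry run of the loop from the message, showing that the quoted list "80 443" is a single word to the shell, so every generated command carries `--dport 80 443` with a stray argument, while an unquoted list yields one rule per port and class. The `fwd` stub and the interface, network and class values are constructed assumptions.

```shell
#!/bin/sh
# Dry run only: $fwd is a stub that prints the command instead of
# changing the firewall. All values are constructed sample values.
fwd="echo iptables -A FORWARD"   # hypothetical stand-in for NoCat's $fwd
InternalDevice="eth1"            # assumed internal interface
LocalNetwork="10.0.0.0/24"       # assumed client network
classes="1 2"                    # assumed fwmark values, one per class

# Print one forwarding rule per interface, network, class and port word.
# The port words are the function arguments, so quoting at the call site
# behaves exactly like quoting in `for port in ...`.
emit_rules() {
    for iface in $InternalDevice; do
        for net in $LocalNetwork; do
            for fwmark in $classes; do
                for port in "$@"; do
                    $fwd -i $iface -p tcp --dport $port -s $net \
                        -m mark --mark $fwmark -j ACCEPT
                done
            done
        done
    done
}

rules_quoted() { emit_rules "80 443"; }  # like: for port in "80 443"
rules_split()  { emit_rules 80 443; }    # like: for port in 80 443

# Count rules where --dport is followed by exactly one port number.
count_valid() {
    awk '/--dport [0-9]+ -s /{n++} END{print n+0}'
}

echo "quoted list:";   rules_quoted
echo "well-formed: $(rules_quoted | count_valid)"
echo "unquoted list:"; rules_split
echo "well-formed: $(rules_split | count_valid)"
```

Printing the generated commands this way before loading them makes a malformed rule visible without touching the gateway's live rule set.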