[ale] Blocking Internet access for certain users

Mike Panetta ahuitzot at mindspring.com
Tue Oct 28 10:38:32 EST 2003


If his main switch supports 802.1q he may not even need to have that.
He could just set up 2 VLans and let the switch and the firewall handle
them seperatly.

Mike

-----Original Message-----
From: Dow Hurst <dhurst at kennesaw.edu>
Sent: Oct 28, 2003 10:27 AM
To: Atlanta Linux Enthusiasts <ale at ale.org>
Subject: Re: [ale] Blocking Internet access for certain users

The easiest way to manage your data in that situation is to have an 
additional interface on the firewall so building 1 and 2 have separate 
interfaces with separate rulesets.
Dow


nick travis wrote:

>I need to block all Internet access for a few users.  What would be the
>simplest way to implement this, I have an IPtables firewall and the
>machines are currently on dhcp, but I could define static addresses if I
>need to, although I would prefer to do it based on MAC address.
>
>Not sure if this matters or not but here's the layout.  I have 2
>buildings, I want everyone in building 1(offices) to have full access,
>but I want the people in building 2(production) to only have access to
>local systems, including the firewall which doubles as a mail server,
>there's a fiber link between the buildings(or there will be next week). 
>I thought about connecting this to the firewall but I would rather run
>it to the backbone switch for building 1.  Hope that makes sense. I'm
>sure I could make it work, but I wanted some input as to the best way to
>do it. Thanks!
>
>Nick
>
>
>  
>

-- 
__________________________________________________________
Dow Hurst                  Office: 770-499-3428            *
Systems Support Specialist    Fax: 770-423-6744            *
1000 Chastain Rd. Bldg. 12                                 *
Chemistry Department SC428  Email:   dhurst at kennesaw.edu   *
Kennesaw State University         Dow.Hurst at mindspring.com *
Kennesaw, GA 30144                                         *
************************************************************
This message (including any attachments) contains          *
confidential information intended for a specific individual*
and purpose, and is protected by law.  If you are not the  *
intended recipient, you should delete this message and are *
hereby notified that any disclosure, copying, distribution *
of this message, or the taking of any action based on it,  *
is strictly prohibited.                                    *
************************************************************


_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale





More information about the Ale mailing list