[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Firewalling capabilities



On Wed, Aug 27, 2003 at 01:30:23PM -0700, Rus Foster wrote:
> Hi All,
>  I'm just trying to find out if what I think is true that pf can firewall
> with regard to user-id's or am I just imaginig it? Say for example I want
> to stop bob accessing 10.0.0.0/8 but allow rita who are both on the same
> machine?
one way to do this is to use authpf(8) and let bob authenticate thru it
on the gw machine. after he's done, he will just close his ssh session
and all access to 10/8 will be stopped by the gw from the machine bob
has authenticated from. of course, it is highly advised to use
ClientAliveInterval and ClientAliveCountMax in sshd_config(5)

-- 
Saad Kadhi -- [saad_(_at_)_docisland_(_dot_)_org] [saad_(_dot_)_kadhi_(_at_)_hapsis_(_dot_)_fr]
[pgp keyid: 35592A6D http://pgp.mit.edu]
[pgp fingerprint: BF7D D73E 1FCF 4B4F AF63  65EB 34F1 DBBF 3559 2A6D]
---