Shorewall users - Mar 2006 - How to make groups of hosts to assign access to internet

Hi,

It would be gr8 if anybody can help me out on this issue:

I want to give access the internet to a certain group of ppl on my LAN. for
example my office LAN range is from192.168.4.10 to 192.168.4.50. What i want
it is to make two groups of users. One is ranging from 192.168.4.20 to
192.168.4.25 and other is ranging from 192.168.4.35 to 192.168.4.40. and
allow only these ppl to have access to internet.

You help is greatly apriciated.

-- Asim Ahmed.

Asim Ahmed Khan wrote:
> Hi,
> 
> It would be gr8 if anybody can help me out on this issue:
> 
> I want to give access the internet to a certain group of ppl on my LAN. for
> example my office LAN range is from192.168.4.10 to 192.168.4.50. What i
want
> it is to make two groups of users. One is ranging from 192.168.4.20 to
> 192.168.4.25 and other is ranging from 192.168.4.35 to 192.168.4.40. and
> allow only these ppl to have access to internet.
Some more suggestions:

- Force all access to go through a squid proxy and use a squid ACL to
allow access to Internet sites for those users you wish to allow.

- Create two separate zones in Shorewall and provide a different set of
rules and policies for each of those zones.

Paul



-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642

I am running shorewall and squid (as a transparent proxy).  Most
everything works fine when using a web browser, but almost any other
program (antivirus, news reader (you just have to believe me on this one),
p2p, etc) that uses destination port 80 fails.  Should I be doing more
administration in squid to deal with this, or is this just one of the side
effects.  I started to (!) addresses in my shorewall rules file and it was
working, but I stopped doing that and thought that there must be a more
elegant solution.

Your input is appreciated.


-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642

>I am running shorewall and squid (as a transparent proxy).  Most
>everything works fine when using a web browser, but almost any other
>program (antivirus, news reader (you just have to believe me on this
>one),
>p2p, etc) that uses destination port 80 fails.  Should I be doing more
>administration in squid to deal with this, or is this just one of the
>side
1. please don''t hijack other posts.
2. seems your squid proxy server is wrongly configured.
I think you will get beetre help asking on squid-users
http://www.squid-cache.org/mailing-lists.html