Asim Ahmed Khan
2006-Mar-09 12:25 UTC
How to make groups of hosts to assign access to internet
Hi, It would be gr8 if anybody can help me out on this issue: I want to give access the internet to a certain group of ppl on my LAN. for example my office LAN range is from192.168.4.10 to 192.168.4.50. What i want it is to make two groups of users. One is ranging from 192.168.4.20 to 192.168.4.25 and other is ranging from 192.168.4.35 to 192.168.4.40. and allow only these ppl to have access to internet. You help is greatly apriciated. -- Asim Ahmed.
Paul Gear
2006-Mar-09 22:10 UTC
Re: How to make groups of hosts to assign access to internet
Asim Ahmed Khan wrote:> Hi, > > It would be gr8 if anybody can help me out on this issue: > > I want to give access the internet to a certain group of ppl on my LAN. for > example my office LAN range is from192.168.4.10 to 192.168.4.50. What i want > it is to make two groups of users. One is ranging from 192.168.4.20 to > 192.168.4.25 and other is ranging from 192.168.4.35 to 192.168.4.40. and > allow only these ppl to have access to internet.Some more suggestions: - Force all access to go through a squid proxy and use a squid ACL to allow access to Internet sites for those users you wish to allow. - Create two separate zones in Shorewall and provide a different set of rules and policies for each of those zones. Paul ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
I am running shorewall and squid (as a transparent proxy). Most everything works fine when using a web browser, but almost any other program (antivirus, news reader (you just have to believe me on this one), p2p, etc) that uses destination port 80 fails. Should I be doing more administration in squid to deal with this, or is this just one of the side effects. I started to (!) addresses in my shorewall rules file and it was working, but I stopped doing that and thought that there must be a more elegant solution. Your input is appreciated. ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
>I am running shorewall and squid (as a transparent proxy). Most >everything works fine when using a web browser, but almost any other >program (antivirus, news reader (you just have to believe me on this >one), >p2p, etc) that uses destination port 80 fails. Should I be doing more >administration in squid to deal with this, or is this just one of the >side1. please don''t hijack other posts. 2. seems your squid proxy server is wrongly configured. I think you will get beetre help asking on squid-users http://www.squid-cache.org/mailing-lists.html