On Wed, 2005-04-13 at 15:55 +0100, Phil Davey wrote: > On Sat, 9 Apr 2005, Deepankar Chanda wrote: > > LTSP INTERNET RESTRICTION / ACCESS CONTROL: I WOULD LIKE LTSP.ORG / > > DEVELOPER TO ADDRESS THIS PROBLEM. IT IS A CRITICAL / ESSENTIAL FEATURE > > SPECIALLY IN A NETWORKED COLLEGE / SCHOOL ENVIRONMENT. > > Shouting (ie using all upper case) and posting multiple times is unlikely > to help get a response. > > >I want to give Internet access to some LTSP CLients based on their > >NIC/MAC address. Please give a solution to do this using Gateway and > >Domain-Name-Servers. > > Using LTSP, all programs (including the web browser) run *on the server* > and not on each desktop box. The result, as you've seen, is that all > internet access appears to be from the server. > > If you really want to be able to control internet access by mac address, > you need to run the web browser on each desktop box. This is possible > using LTSP, but not as easy and misses a lot of the reason to use LTSP in > the first place. > > The alternative is to run some kind of proxy/firewall that is based on the > username rather than the mac address. I've not tried this myself, but I've > seen it mentioned several times on this list. Try searching the archives > for 'squid'. >
One suggestion is to implement squid on the gateway and turn on identd on the ltsp server. Then you could control access by username via squid acls. Thanks, -- Erick S. Tyack Acurrus Consulting, LLC Email: [EMAIL PROTECTED] 2313 Clawson Ave. Voice: 248.302.1855 Royal Oak, MI 48073 Fax: 248.928.5239 Public key id 2A2FE9DD available at wwwkeys.pgp.net
signature.asc
Description: This is a digitally signed message part
