----- Original Message -----
From: Tony Raboza
To: [email protected]
Sent: Thursday, June 08, 2006 10:19 PM
Subject: [plug] Linux gateway
Mga Pips,
Isa pa po tanong - sensiya na - dami ko di alam eh. Gagawa
po ako ng Linux router/gateway para sa office na may around
50 katao na gagamit ng Internet. Ang isa requirement dapat
dito sa office na to di basta basta makakagamit ng Internet kung
sino sino --- for example, kakabit lang nila laptop nila sa data
port sa wall plate then may Internet na.
Naisip ko - gamit ako ng DHCP tapos fixed yung IP address na
binibigay based on MAC address. Tapos doon sa gateway --
lagay ako ng iptables rules sa FORWARD na ang i-forward
lang yung mga MAC address ng valid PC.
Tanong ko po:
- Possible yung FORWARD sa iptables based sa MAC address
di ba?
- Ibig sabihin nito since may 50 katao sa office na to eh 50 din yung
FORWARD rules ko -- di kaya babagal Internet nito kasi bawat
daan sa gateway kailangan padaanin sa 50 rules?
we at plug not only answers to questions but we give the best advice as we
could...
first things first... i would like you to stay away what you are trying to
do due to the fact that mac address can be easily spoof to circumvent your
firewall policy...
to control who can use the internet is to provide an authentication
mechanism... you have three options here...
1. layer 2 authentication (eg. pppoe authentication)
2. layer 3 authentication (eg. vpn authentication)
3. layer 7 authentication (eg. web based authentication)
above options can be use both for wired and wireless medium, allowed time to
login, time duration, what services allowed to access and many more...
it is for you to decide what authentication method that suited to your needs
and you find most comfortable with....
if you are concern with slow internet access... put a proxy service... to
improve response time, unclog your upstream bandwidth and pushing the
contents nearer to the clients...
fooler.
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
[email protected] (#PLUG @ irc.free.net.ph)
Read the Guidelines: http://linux.org.ph/lists
Searchable Archives: http://archives.free.net.ph
