Re: NATD Reverse Proxy

2008-09-25 Thread Kevin Kinsey

Tim Gustafson wrote:

> Hi,
>
> I'm trying to build a server that will act as a gateway between my wireless
> network and the rest of the world.  Here's an overview of the current setup:
>
> 1. FreeBSD 7.1
> 2. isc-dhcp3-server-3.0.5_2
> 3. natd configured to connect fxp0 (public network, dynamic IP) to fxp1
> (private network, static IP)
> 4. ipfw
> 5. bind
> 6. apache 2.2
> 7. php 5.2.6
>
> Right now, when someone connects to the private net, they get an IP address
> and can connect to the Internet no problemo.  So, this is all working so
> far.
>
> What I'd like to do next is this:
>
> When someone obtains an IP address, I'm going to configure DHCP to block
> that IP using IPFW initially, and I'd like to redirect any requests that
> come from that IP to port 80 or 443 to be silently redirected to the local
> Apache installation, where the user can enter their login and password.
> Once they've been authenticated, the firewall will allow them to connect out
> to everywhere else.
>
> So, it seems to me that I need to use natd again to do a silent proxy of
> traffic from certain IPs on the private net to the server box.  But, since
> I'm already using natd, I'm a little perplexed about how to set this up.  Do
> I need to run a second instance of natd on a different port, and then update
> the firewall rules to divert to one or the other based on the user's
> authentication status?  Or can this all be configured in one natd instance?
>
> Tim Gustafson
> SOE Webmaster
> UC Santa Cruz
> [EMAIL PROTECTED]
> 831-459-5354


Someone else's wheel, for perusal, at least:

http://www.shmoo.com/~bmc/software/wicap/announce.html

The tarball is still up there.

HTH,

Kevin Kinsey
--
If you do not think about the future, you cannot have one.
-- John Galsworthy
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]


Re: NATD Reverse Proxy

2008-09-25 Thread Olivier Nicole
> I'm trying to build a server that will act as a gateway between my wireless
> network and the rest of the world.  Here's an overview of the current setup:
>
> 1. FreeBSD 7.1
> 2. isc-dhcp3-server-3.0.5_2
> 3. natd configured to connect fxp0 (public network, dynamic IP) to fxp1
> (private network, static IP)
> 4. ipfw
> 5. bind
> 6. apache 2.2
> 7. php 5.2.6
>
> Right now, when someone connects to the private net, they get an IP address
> and can connect to the Internet no problemo.  So, this is all working so
> far.
>
> What I'd like to do next is this:
>
> When someone obtains an IP address, I'm going to configure DHCP to block
> that IP using IPFW initially, and I'd like to redirect any requests that
> come from that IP to port 80 or 443 to be silently redirected to the local
> Apache installation, where the user can enter their login and password.
> Once they've been authenticated, the firewall will allow them to connect out
> to everywhere else.

I think that monowall (or pfsense) do that for you.

Best regards,

Olivier
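
The redirect asked about in this thread can be done with ipfw's `fwd` action and an address table, leaving the single existing natd divert rule on fxp0 untouched. The sketch below is an added example, not code from the thread or from any poster's setup; table 1, rule numbers 300-320, Apache on 127.0.0.1 and the sample client address are assumptions, and it uses default-deny plus a table of authenticated addresses in place of a per-lease block rule.

```shell
#!/bin/sh
# Added example, not from the thread. Assumptions: table 1 holds authenticated
# clients, rules 300-320 sit before the existing natd divert rule, Apache
# listens on 127.0.0.1. ipfw "fwd" on FreeBSD 7.x needs a kernel built with
# "options IPFIREWALL_FORWARD".
LAN_IF=fxp1
AUTH_TABLE=1
IPFW=${IPFW:-echo ipfw}    # dry run by default; set IPFW=/sbin/ipfw to apply

valid_ipv4() {
    # Digits and dots only, no empty fields: keeps shell metacharacters
    # out of the ipfw command line when the login page calls authorize.
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}

portal_rules() {
    # DHCP and DNS on the gateway must work before login.
    $IPFW add 300 allow udp from any 68 to any 67 in recv $LAN_IF
    $IPFW add 301 allow udp from any to me 53 in recv $LAN_IF
    # Web traffic from addresses not in the table goes to the local Apache.
    $IPFW add 310 fwd 127.0.0.1,80 tcp from not "table($AUTH_TABLE)" to any 80 in recv $LAN_IF
    $IPFW add 311 fwd 127.0.0.1,443 tcp from not "table($AUTH_TABLE)" to any 443 in recv $LAN_IF
    # Anything else from an unauthenticated address is dropped.
    $IPFW add 320 deny ip from not "table($AUTH_TABLE)" to any in recv $LAN_IF
}

authorize() {   # called after a successful login
    valid_ipv4 "$1" || { echo "refusing address: $1" >&2; return 1; }
    $IPFW table $AUTH_TABLE add "$1"
}

revoke() {      # called on logout or lease expiry
    valid_ipv4 "$1" || { echo "refusing address: $1" >&2; return 1; }
    $IPFW table $AUTH_TABLE delete "$1"
}

portal_rules
authorize 192.168.1.23     # constructed client address
```

HTTPS requests caught by rule 311 are answered with the portal's own certificate, so browsers will report a name mismatch. The table keys on source IP alone, so an entry is only as trustworthy as address assignment on the wireless segment.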