On 5/20/11 12:18 PM, Paulo Cunha wrote: > Hi everybody, > > I've been using shorewall for 5 years now ( Thanks Tom again! ) and i've > managed to get in a new challenge. > > I need to control guests internet access with a ID card based auth. > > The web gui/auth system is ready, and i've moved to the IPSET part. > > My idea is that when a client connects to the network a REDIRECT match > will send the web (tcp 80) requests to the local machine. > > Then the software side will add it's IP and MAC to a IPSET macipmap list > > My idea is to add a preceding rule to the RDIRECT(above) using ACCEPT+ > that allows traffic to net if it matches the IPSET list,, then it will > not pass on the redirect rule, so enabling user access. > > The question is: > > Will the ACCEPT+ action match the ip and mac from ipset list?
Yes. > > Do i need to put the list on maclist file? No. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ What Every C/C++ and Fortran developer Should Know! Read this article and learn how Intel has extended the reach of its next-generation tools to help Windows* and Linux* C/C++ and Fortran developers boost performance applications - including clusters. http://p.sf.net/sfu/intel-dev2devmay
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
