I have a situation where I have a workgroup server which has several user accounts on it; the users connect to the server from their desktops which act as basic X terminals.
I want to be able to block some users from web browsing and accessing external mail servers, etc. whilst allowing others either or both of those facilities, all blocking being done at the site Internet interface point. I think what I am wanting to do is to mark selected packets with a user/group specific mark at the session level so that they can be identified by the iptables filters, but, of course, the packets actually get created further down the stack. Am I on a lost cause, or do I need to think laterally here. -- Howard. LANNet Computing Associates - Your Linux people <http://www.lannetlinux.com> ------------------------------------------ Flatter government, not fatter government - Get rid of the Australian states. ------------------------------------------ I before E except after C. We live in a weird society! -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
