Hi, I have set up a pptpd server talking to a Windows AD via winbind.so.
Now I want to be able to limit access to certain parts of the network
based upon who has VPN'ed in.
Having a look at the ip-up scripts, there is no mention of user ID.
I have noticed that pptpd logs logins and logouts to wtmp. I was figuring
that I could use the ip-up scripts to capture the IP address of the
client, find the interface and then look up last to find the user, and
then I could set some iptables rules, and then try to undo what I have
done on logout.
But that seems fraught with too many places it could go wrong.
I don't really want to undo the winbind install and move to RADIUS
(seems like more pain than it would be worth).
It would be nice if I could use chap-secrets and winbind at the same
time, but that seems to be ruled out by the winbind plugin.
Any thoughts?
Alex
--
"Actually, I --this may sound a little West Texas to you, but I like it. When
I'm talking about-- when I'm talking about myself, and when he's talking about
myself, all of us are talking about me."
- George W. Bush
05/31/2000
Hardball, MSNBC
-- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
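
Added example, not part of the original message: pppd exports the authenticated peer name to ip-up and ip-down in the PEERNAME environment variable, so the user can be read there instead of from wtmp. The script below assumes PEERNAME is populated for winbind-authenticated sessions; the users, subnets and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example for /etc/ppp/ip-up and ip-down (not from the original post).
# pppd runs both as: <iface> <tty> <speed> <local-ip> <remote-ip> <ipparam>
# and exports the authenticated peer name in $PEERNAME (assumed set here).
LC_ALL=C; export LC_ALL

# Constructed policy: user -> subnets that user may reach (space separated).
allowed_nets() {
    case "$1" in
        alice) echo "10.1.0.0/24 10.2.0.0/24" ;;
        bob)   echo "10.2.0.0/24" ;;
        *)     echo "" ;;   # unknown users get no ACCEPT rules
    esac
}

# Reduce "DOMAIN\user" or "user@domain" to a lower-case bare user name and
# reject anything outside [a-z0-9._-] so it can never alter a command line.
normalise_user() {
    u=$(printf '%s' "$1" | sed -e 's/^.*\\//' -e 's/@.*$//' | tr 'A-Z' 'a-z')
    case "$u" in
        ''|*[!a-z0-9._-]*) return 1 ;;
    esac
    printf '%s\n' "$u"
}

# Print the iptables commands for one session; op is -A (up) or -D (down).
session_rules() {
    op=$1 iface=$2 peer=$3
    user=$(normalise_user "$peer") || user=""
    for net in $(allowed_nets "$user"); do
        echo "iptables $op FORWARD -i $iface -d $net -j ACCEPT"
    done
    # Default for this session: anything not explicitly allowed is dropped.
    echo "iptables $op FORWARD -i $iface -j DROP"
}

# Choose op from the script name; print the rules unless APPLY=1 is set.
ppp_hook() {
    case "$1" in *ip-down*) op=-D ;; *) op=-A ;; esac
    session_rules "$op" "$2" "${PEERNAME:-}" | while read -r cmd; do
        if [ "${APPLY:-0}" = 1 ]; then $cmd; else echo "$cmd"; fi
    done
}

# Only acts when installed as (or under) ip-up / ip-down.
case "$0" in *ip-up*|*ip-down*) ppp_hook "$0" "$1" ;; esac
```

Because ip-down replays the same rule set with -D, the policy must not change while a session is up, and rules left behind when ip-down never runs stay bound to the interface name until they are removed.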
