[ previous ] [ next ] [ threads ]
 From:  German dot Martin at RSES dot rohde dash schwarz dot com
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Arp Static Entry
 Date:  Thu, 21 Oct 2004 23:34:51 +0200
If what you want is blocking web access, you need a proxy with user
validation. So you can redirect all http requests to the proxy machine and
set a rule in m0n0 to block http port conections for all ip adresses except
the proxy. So all http communication will be forced to pass through the
proxy. If you set it up to ask for user and password (maybe validated with
a Radius or Active directorty o whatever) you can block a specific user to
use web.

You can also setup proxies for further protocols if needed (ftp, socks,


                      "Slavcho Cekov"                                                               
                      <scekov@freemail.        To:       <m0n0wall at lists dot m0n0 dot ch>                   
                      com.mk>                  cc:                                                  
                                               Subject:  [m0n0wall] Arp Static Entry                
                      21/10/2004 19:11                                                              
                      Please respond to                                                             

Hi I have problem when I like to block some user to use internet. Users use
static IP adresses. One user ip is blocked, I like to block MAC. He is
cheating and he is always changing his ip (with some ip that is not blocked
and is not used at the moment). I have add static arp entries for all users
with arp -s <IP> <MAC> but nothing was changed. User is changing his IP
again and again. Should I enable some option or something or maybe someone
can tell me some hard way:) how to implement this??


To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch