[NTLUG:Discuss] Per User Internet Access
Jack Snodgrass
jack at jacksnodgrass.com
Thu Feb 3 11:53:36 CST 2005
On Thu, 2005-02-03 at 11:19 -0600, Scott Hollomon wrote:
> I have a multi user system, in this case a White Box Linux sysetm
> supporting several LTSP clients, and I want to restrict access to the
> internet on a per user basis. Some users need full access to the
> internet while others should be limited to specific sites. Do I have to
> use Squid to do this or is there an easier way? The internet gateway
> this system uses is a Squid server and I can configure access by host,
> but all these users are from a single host so they all have the same
> permissions.
>
>
I don't think there is an easy way to do that you want.
On a per-user basis, you can prevent users from accessing
programs, but not network routes.
You'd have to set up some 'virtual' system where each LTSP
client connects to the server using a different IP Address.
Once connected... as long as they were restricted to that
IP Address, you could get the routing stuff set up.
There is VMware, but that is proably overkill/overhead that
you dont' need..... there is something new called SELinux that
is part of Fedora... it is some sort or security, but I don't
know if it will do the virtualization stuff that you need.
--
Jack Snodgrass <jack at jacksnodgrass.com>
More information about the Discuss
mailing list