Re: Policy based routing/restricting access __inside__ ones net..

From: Alex Popa (razor@ldc.ro)
Date: 09/22/01

• Next message: Joseph Mallett: "Re: ~/.login_conf disabling exact reasons wanted"
• Previous message: Jordan Hubbard: "Re: ~/.login_conf disabling exact reasons wanted"
• In reply to: Kris Kennaway: "Re: Policy based routing/restricting access __inside__ ones net.."
• Next in thread: horio shoichi: "Re: Policy based routing/restricting access __inside__ ones net.."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Sat, 22 Sep 2001 22:51:31 +0300
From: Alex Popa <razor@ldc.ro>
To: Kris Kennaway <kris@obsecurity.org>

On Thu, Sep 20, 2001 at 07:46:11PM -0700, Kris Kennaway wrote:
> On Fri, Sep 21, 2001 at 10:53:21AM +1000, Stanley Hopcroft wrote:
>
> > Can ipfilter/ipfw provide ACLs depending on user ?
>
> Yes, ipfw can.
>
> Kris

It can limit the access based on local users.

The way I understood it is that mr Hopcroft wants to limit the traffic
based on the remote user (ie the user who is logging into the remote
Solaris/FreeBSD/AIX server). I am unsure wether that can be done using
ipfw.

Regards,
        Alex

------------+------------------------------------------
Alex Popa, | "Artificial Intelligence is
razor@ldc.ro| no match for Natural Stupidity"
------------+------------------------------------------
"It took the computing power of three C-64s to fly to the Moon.
It takes a 486 to run Windows 95. Something is wrong here."

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

---

• Next message: Joseph Mallett: "Re: ~/.login_conf disabling exact reasons wanted"
• Previous message: Jordan Hubbard: "Re: ~/.login_conf disabling exact reasons wanted"
• In reply to: Kris Kennaway: "Re: Policy based routing/restricting access __inside__ ones net.."
• Next in thread: horio shoichi: "Re: Policy based routing/restricting access __inside__ ones net.."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: [snort] BAD-TRAFFIC loopback traffic 4.9-PRE ... > Ok i put the ipfw on with the default simple mode. ... Note that you'll still see them on the wire from the external network, ... because ipfw can't make the packets disappear en route into the ... Kris ... (freebsd-stable) Re: [snort] BAD-TRAFFIC loopback traffic 4.9-PRE ... > Forged source address on a network with no egress filtering. ... Ok i put the ipfw on with the default simple mode. ... (freebsd-stable) Re: bytes counting ... On 2004-07-07, lycanthrope wrote: ... > now that I set up ipfw, how to keep track of how many bytes each IP allowed ... I think there are a couple of "IP accounting" applications in ports. ... Kris ... (comp.unix.bsd.freebsd.misc) Re: Which Firewall ... ... I use ipfw. ... ipf is also available. ... What's wrong with the manpage? ... Kris ... (freebsd-questions)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > FreeBSD-Security  > 2001-09