[SGVLUG] Preventing certain Machines from Internet
Arthur Baldwin
eengnerd at yahoo.com
Tue Nov 6 18:14:22 PST 2007
Thank you very much for your feedback, everyone! I was hoping to find a ¨router project¨ where they have a ¨remote interface¨ that would make it easy for inexperienced users to control the gateway machine from any workstation. Ideally, the GUI interface would allow the user to just click on an icon, representing each currently turned on workstation, in order to ¨toggle¨ the internet access. An incidental need (that I just discovered today) is for the gateway machine to also act as a WINS server.
Arthur
----- Original Message ----
From: Sean O'Donnell <sean at seanodonnell.com>
To: SGVLUG Discussion List. <sgvlug at sgvlug.net>
Sent: Monday, November 5, 2007 4:13:33 PM
Subject: Re: [SGVLUG] Preventing certain Machines from Internet
dhcpd (or dnsmasq) + iptables + ip_forward = done;
I have some pretty old notes here on my site about setting up such a
configuration, although it really needs to be updated/rewritten. The
examples should work though, despite et all.
Configuring a NAT Firewall/Router
http://seanodonnell.com/code/?id=44
Configuring a DHCP Server w/ Multiple Subnets on Linux
http://www.seanodonnell.com/code/?id=43
These are very dated and poorly written. You'll also need to configure
'ifconfig' properly, which I don't think is mentioned in there either.
I know I need to revise these, but that should give you simple example.
Think of it more as a kick in the right direction, rather than an
all-inclusive answer to your question. You'll of coarse need to make
modifications so that it works to your requirements.
PS: I would suggest using switches, rather than hubs.
-Sean
Arthur Baldwin wrote:
> I was wondering if anyone knows of an existing project where the
> following can be acheived:
>
> List of hardware:
>
> two 8 port hubs
> one fairly new IBM compatible PC with two NICs (acting as filter)
> one DSL Modem and connection
> 8 IBM compatible workstations
>
> Notes: From one of the workstations, be able to limit the access on
any
> number of the 8 workstations so that Internet access would be
completely
> excluded. All this without affecting the browse-ability of other
> workstations on the LAN (with File sharing and Printer sharing). The
> machine names and IP Addresses would be known.
>
> I think that this type of software would fill a very common need in
very
> small businesses (less than 10 employees).
>
> Any ideas?
>
> Arthur
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.sgvlug.net/pipermail/sgvlug/attachments/20071106/8365e957/attachment.html
More information about the SGVLUG
mailing list