From owner-freebsd-questions Wed Jun 14 10: 3:25 2000 Delivered-To: freebsd-questions@freebsd.org Received: from po4.wam.umd.edu (po4.wam.umd.edu [128.8.10.166]) by hub.freebsd.org (Postfix) with ESMTP id 66BFB37C2C3 for ; Wed, 14 Jun 2000 10:03:20 -0700 (PDT) (envelope-from howardjp@wam.umd.edu) Received: from rac4.wam.umd.edu (root@rac4.wam.umd.edu [128.8.10.144]) by po4.wam.umd.edu (8.9.3/8.9.3) with ESMTP id NAA25969; Wed, 14 Jun 2000 13:03:03 -0400 (EDT) Received: from rac4.wam.umd.edu (sendmail@localhost [127.0.0.1]) by rac4.wam.umd.edu (8.9.3/8.9.3) with SMTP id NAA02369; Wed, 14 Jun 2000 13:03:01 -0400 (EDT) Received: from rac4.wam.umd.edu (howardjp@localhost) by rac4.wam.umd.edu (8.9.3/8.9.3) with ESMTP id NAA02365; Wed, 14 Jun 2000 13:03:01 -0400 (EDT) Message-Id: <200006141703.NAA02365@rac4.wam.umd.edu> X-Authentication-Warning: rac4.wam.umd.edu: howardjp owned process doing -bs To: chip@chocobo.cx Cc: freebsd-questions@freebsd.org Subject: Re: Limiting Internet Access In-reply-to: Your message of "Wed, 14 Jun 2000 12:54:23 EDT." <20000614125423.A32693@setzer.chocobo.cx> Date: Wed, 14 Jun 2000 13:03:00 -0400 From: James Howard Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > I think the easiest way to do that would be to setup IPFW to deny > outboard traffic from certain groups, ie: > > deny ip from any to any gid nonpay > > where nonpay is the name of the group for people who don't pay for > Internet access. I know that this does not affect people logging in to > a system remotely via SSH, but I'm not sure how it affects remote > access via rsh or telnet. IPFW seems a bit extreme, I am looking for something more like ACLs not network connectivity. Is that was IPFW does? Jamie To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message