From owner-freebsd-questions@FreeBSD.ORG Sun Jul 6 19:34:41 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 28334106564A for ; Sun, 6 Jul 2008 19:34:41 +0000 (UTC) (envelope-from agus.262@gmail.com) Received: from po-out-1718.google.com (po-out-1718.google.com [72.14.252.156]) by mx1.freebsd.org (Postfix) with ESMTP id E9CF78FC16 for ; Sun, 6 Jul 2008 19:34:40 +0000 (UTC) (envelope-from agus.262@gmail.com) Received: by po-out-1718.google.com with SMTP id c31so6408560poi.3 for ; Sun, 06 Jul 2008 12:34:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type:references; bh=nWHQdfRsrA5IO02RujeD0Y35yxJ0OejuiIBAuFBkkiA=; b=GM19IfMVXrsAWGY9ZE9zEbKXE3lJeg1Y4j8sC40e/XV71m3KLSAuu8P9rrsbqfhXGV BI5Z/EJ96MqfPcRsliRMJc4O/mwvGD1knIn+wumhqhXVV7OQF5U8TiVJ1d1By0qLzIwp prCVOKoI0207n/f8BUO6ZZWOWeYJkkxg9ibaw= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:references; b=dpwscLQckcH+eSDw7E42DKPac8SzcauPHl7OMQE0dNOEBSKj2MuwGxh+frz7XeyO8C mDCr2H8O3LBb2Uh2MWkE6ttA8MiBGFhr1Wn1Qfy8FfjBt3eU7iGe8aOufSwcuY2xr023 RTOuZ4kDTn7k2+w7FZdq9DmMrwSgtr1illWso= Received: by 10.141.163.12 with SMTP id q12mr1774822rvo.265.1215372880424; Sun, 06 Jul 2008 12:34:40 -0700 (PDT) Received: by 10.140.158.19 with HTTP; Sun, 6 Jul 2008 12:34:40 -0700 (PDT) Message-ID: Date: Sun, 6 Jul 2008 16:34:40 -0300 From: Agus To: RW In-Reply-To: <20070930032804.6123c175@gumby.homeunix.com.> MIME-Version: 1.0 References: <46FEEC52.1050705@gmail.com> <20070930032804.6123c175@gumby.homeunix.com.> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-questions@freebsd.org Subject: Re: Deny access from localhost to internet..... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Jul 2008 19:34:41 -0000 2007/9/29 RW : > On Sun, 30 Sep 2007 02:22:42 +0200 > Sten Daniel Soersdal wrote: > > > Agus wrote: > > > Hi guys, > > > > > > How are you today? > > > The question is this..I want to restrict external access, that is > > > from my BSD to the internet, to some groups of users. Other groups > > > i want to access internet normally. I dont want this group of users > > > to be able to establish connections to the internet but yes to the > > > internal systems on the LAN... > > > > > > Is this possible without hacking the kernel? > > > > > > Thanks and salutes for all > > > > > > > You want to restrict internet, but not LAN, access for certain users > > logged into your BSD box? > > > > man ipfw ( look for "uid" and "gid" ) > > man pf ( look for "user" and "group" ) > > > > Danger Will Robinson! > > Don't do that unless you've read the bugs sections of the ipfw > and pf.conf man pages. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" > OK...cool...i am using pf as firewall...arent any issues in using both? i mean pf and ipfw? Cheers, Agustin