Date: Tue, 22 May 2012 12:05:38 +0200 From: =?UTF-8?B?SmFrdWIgU3phZnJhxYRza2k=?= <s@samu.pl> To: freebsd-hackers@freebsd.org. Subject: Re: Separating IP addresses between users Message-ID: <4FBB64F2.1020000@samu.pl>
next in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 16.05.2012 21:06, Will Froning wrote: > Hello Jakub, > > I've never used it, but have you looked at authpf(8)? A quick look at the man pages suggest you can have different NAT entries per-user. > > Thanks, > Will > > -- > Will Froning > Unix SysAdmin > Will.Froning@GMail.com > MSN: wfroning@angui.sh Hi, If I understand the manual page correctly, it allows for per user NAT entriees, but only on their sshd(8) sessions. What I need is to separate every service of an user - crontab launched software, php-spawned applications, every possible aspect of his account. A jail-based solution would be fine, so that the user can 'see' all the IPs I allow him to 'see' in a network interface. (I hope that my mail client isn't screwed up again and I've actually replied to the maillist, and not started a new thread...) - -- Best Regards, Jakub SzafraĆski -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEbBAEBAgAGBQJPu2TyAAoJEMFTYabJw8eXj84H+MY9NU1jrEfvzvJOL+Kf8+A/ 8l4XzN/qkmsDV2WuzwGByZNmeTSH89V3iVSic6mAL1agMnDuY1TV5rbslX/b+uNd fwwbFW279OEsRhVXAFTT6i+8yGab47Zw28SoF+fTPvW+FarL2rCROrsYnI7qff0L 9kRJ4BD8taS1RFDZZj13nHuHWnQlApCib3NAEQumiWXILS9eNHLAs9lNV1P24baW JWpz4spCYnN6jKjDPnN4PXERHMLYTvZy9DUl6x9GWcT7V4OL80z72ur/tomIXvZ6 UHYrBU72TkJCTMi8Nw7DV/NYeL3ACFWQN8lFO4cOB07mc3bJrdy4tylu/iFqlA== =kdWX -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4FBB64F2.1020000>