Date: Sat, 29 Jun 2002 15:53:48 -0700 (PDT) From: "Nielsen" <nielsen@memberwebs.com> To: "Terry Lambert" <tlambert2@mindspring.com>, "Joao Carlos" <jcrr@ieee.org> Cc: "Luigi Rizzo" <rizzo@icir.org>, "Ken Ebling" <kebling@us-it.net>, <freebsd-hackers@freebsd.org> Subject: Re: ipfw/dummynet suggestion Message-ID: <20020629225348.F2DAD43E06@mx1.FreeBSD.org> References: <000801c21f1c$029cefe0$0201a8c0@Ken> <3D1D4EB3.9410011@mindspring.com> <20020629170251.65DDB43E13@mx1.FreeBSD.org> <20020629110237.A73787@iguana.icir.org> <001f01c21f99$3c363cc0$1e6eb0c8@pchome> <3D1E2B38.A70658EA@mindspring.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> Seriously, I'm wondering what "security restrictions" are so > onerous that users are willing to change their IP addresses to > get around them, and why they are there in the first place? Well in certain cases it's company policy that certain machines (ie: users) can't browse the web during certain hours. I didn't make the rules, just asked to implement them. > Finally, I'll suggest that if you truly want to implement this > thing, that the "correct" way to do it is probably to use the > per machine NT Domain Controller information via hacking up the > code from the SAMBA project, so that you can *ask* the NT domain > controller for the credentials associated with an IP address, > since this access control model is why NT Domaons were designed. True, but often the simplest, semi-reliable solution wins out, so it came down to machines and MAC addresses. Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020629225348.F2DAD43E06>