different firewall rules for different users

To: debian-firewall@lists.debian.org
Subject: different firewall rules for different users
From: Philip <subs@christiantena.net>
Date: Wed, 03 Mar 2010 11:34:45 +0000
Message-id: <[🔎] 4B8E4955.60009@christiantena.net>

Hello

Is there an easy way to set up different rules for different users of a desktop machine?
I have a small home network with different PCs for different purposes.
There is a general purpose Lenny desktop that the whole family uses.
It has a private IP address.
This can get to the Internet either through NAT on a FreeBSD firewall, or through a Dansguardian
proxy, currently running on a different Etch box. Eventually I plan to migrate dansguardian onto the
freebsd box.

Is there an easy way that if I or another adult is logged in then we can get to the NAT box, but if
one of my (small) children are logged in then the only way out is through the proxy?

I am think that one way would be for some kind of firewall on the desktop with some scripting on
login that modifies the rules.

The other option be that the desktop changes its IP address, or it has alias addresses and uses a
different address depending on who is logged in, and then I could have different rules for the
different addresses on the FreeBSD firewall.

thanks for any help, Philip.

Reply to:

Follow-Ups:
- Re: different firewall rules for different users
  - From: Pascal Hambourg <pascal.mail@plouf.fr.eu.org>

Prev by Date: RE: Desperate for good firewall: ARP and DNS attacks
Next by Date: RE: different firewall rules for different users
Previous by thread: Re: shaping: dividing bandwidth between router & NAT hosts
Next by thread: Re: different firewall rules for different users
Index(es):
- Date
- Thread