Date: Fri, 19 Sep 2008 08:47:55 -0500 From: "Andrew Gould" <andrewlylegould@gmail.com> To: "Yury Michurin" <yury.michurin@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: ipf filter by user/group Message-ID: <d356c5630809190647k99b2288s69eeb3bfccfbee2a@mail.gmail.com> In-Reply-To: <692c9a9f0809190604m468da35eta9b9e12531b35e7b@mail.gmail.com> References: <692c9a9f0809190439o57f9de43w8e3c8588f0c9cb0b@mail.gmail.com> <692c9a9f0809190604m468da35eta9b9e12531b35e7b@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Sep 19, 2008 at 8:04 AM, Yury Michurin <yury.michurin@gmail.com>wrote: > Sorry for the mistake, i meant pf, the openbsd's packet filter. > > On Fri, Sep 19, 2008 at 2:39 PM, Yury Michurin <yury.michurin@gmail.com > >wrote: > > > Hello, > > I'm quite new to ipf, Is there an option of filtering packets by > > user/group? > > > > What i want to accomplish is: > > 1. Block users from group 'users' to make outbound connections > > 2. Count traffic for users: alpha, beta, gamma > > > > If i can't accomplish that with ipf, what other firewall you suggest? > > > > > > Thank you for your time, > > Yury. > > > Check out authpf, which is part of pf: http://www.openbsd.org/faq/pf/authpf.html Users have to login as an authpf user via ssh. Once the authpf user is logged in, pf does it's filtering based upon the authpf user's IP address. You can create a ruleset for each authpf user. authpf users without their own ruleset use the a default ruleset. I hope this helps. Andrew
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d356c5630809190647k99b2288s69eeb3bfccfbee2a>