Date: Fri, 26 Sep 2008 11:15:04 +0700 (ICT) From: Olivier Nicole <on@cs.ait.ac.th> To: kdk@daleco.biz Cc: tjg@soe.ucsc.edu, freebsd-questions@freebsd.org Subject: Re: NATD Reverse Proxy Message-ID: <200809260415.m8Q4F4u7074316@banyan.cs.ait.ac.th> In-Reply-To: <48DC5E21.5010008@daleco.biz> (message from Kevin Kinsey on Thu, 25 Sep 2008 22:59:29 -0500) References: <5A97CB869CB943CA9C29606D8E52DF5E@soe.cse.ucsc.edu> <48DC5E21.5010008@daleco.biz>
next in thread | previous in thread | raw e-mail | index | archive | help
> I'm trying to build a server that will act as a gateway between my wireless > network and the rest of the world. Here's an overview of the current setup: > > 1. FreeBSD 7.1 > 2. isc-dhcp3-server-3.0.5_2 > 3. natd configured to connect fxp0 (public network, dynamic IP) to fxp1 > (private network, static IP) > 4. ipfw > 5. bind > 6. apache 2.2 > 7. php 5.2.6 > > Right now, when someone connects to the private net, they get an IP address > and can connect to the Internet no problemo. So, this is all working so > far. > > What I'd like to do next is this: > > When someone obtains an IP address, I'm going to configure DHCP to block > that IP using IPFW initially, and I'd like to redirect any requests that > come from that IP to port 80 or 443 to be silently redirected to the local > Apache installation, where the user can enter their login and password. > Once they've been authenticated, the firewall will allow them to connect out > to everywhere else. I think that monowall (or pfsense) do that for you. Best regards, Olivier
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200809260415.m8Q4F4u7074316>