From owner-freebsd-questions Wed Aug 14 14:28:52 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 76B0A37B42B for ; Wed, 14 Aug 2002 14:28:47 -0700 (PDT) Received: from services.webwarrior.net (overlord-host99.dsl.visi.com [209.98.86.99]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0FA8143E42 for ; Wed, 14 Aug 2002 14:28:47 -0700 (PDT) (envelope-from friar_josh@webwarrior.net) Received: from heater.vladsempire.net (12-218-27-215.client.mchsi.com [12.218.27.215]) by services.webwarrior.net (Postfix) with ESMTP id 8D1F124FA5; Wed, 14 Aug 2002 16:28:54 +0000 (GMT) Subject: Re: Integrated firewall From: Josh Paetzel Reply-To: friar_josh@webwarrior.net To: Derek Cc: freebsd-questions@freebsd.org In-Reply-To: <000601c243ae$5f9891c0$04fea8c0@motorcity.on.ca> References: <000601c243ae$5f9891c0$04fea8c0@motorcity.on.ca> Content-Type: text/plain Content-Transfer-Encoding: 7bit X-Mailer: Ximian Evolution 1.0.8 Date: 14 Aug 2002 16:27:14 +0000 Message-Id: <1029342435.364.13.camel@heater.vladsempire.net> Mime-Version: 1.0 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, 2002-08-14 at 16:19, Derek wrote: > Hello, > In the past I have had excellent success with ipfw for my > firewall needs. I would like to set up some kind of integration > with Windows 2000 active directory (I know that probably brings > shudders to most, myself included), much like their ISA server > product. > > In a nutshell, I would like to set up packet filters on a > per-user basis for a network that is 96% Windows 2000, with > FreeBSD as the packet filter. > > Has anyone had experience/success/failure with this in the past, > or any ideas on how to implement this? > > Thanks, > Derek ipfw can't filter on the IP level of info, if your users were tied to specific IPs then what you want shouldn't be too difficult. If however, they are roaming or getting dynamic ips, I don't see how ipfw could deal with that. Josh To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message