From owner-freebsd-questions@FreeBSD.ORG Tue Nov 11 04:44:21 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 59026141 for ; Tue, 11 Nov 2014 04:44:21 +0000 (UTC) Received: from mail-ig0-x233.google.com (mail-ig0-x233.google.com [IPv6:2607:f8b0:4001:c05::233]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 20A10EFC for ; Tue, 11 Nov 2014 04:44:21 +0000 (UTC) Received: by mail-ig0-f179.google.com with SMTP id r10so368832igi.6 for ; Mon, 10 Nov 2014 20:44:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=56st3WH3t38vVyQ4ScbTTVGIC6bp2JgCZm4O9IpUvRA=; b=ID8tA0g0DzsTDWcGksFRRsPKUdCXJ090c/Nbr+dXWY3dIGHhLxZ1ukjdD6Hde04ojJ obPkNR7RMbHleL0SmGgfyqvKbf4P6sSBL8YLbIEncf4rT7Pyw+BEevZFhgt26TM42/td ZSLxHz06lmdmv/ztnPOn7G8ceQXUCyFqyAx0x+AeLNy1ROVGrpVAX3A3P6V9qOzrKZcQ 5n9mTtD9LngGeAt6cmHZiQTdqXGhcSNKp/WmaLpjv3mj2BHdmggc7Znc1lr4b3GCZPPb 103jRE+GUM5LQFB3B3Iu3LGXfizrYU2Dm03H4fE7uK/y5bC3yq9ykeSV0Tpsjqd+v1s0 3QMA== MIME-Version: 1.0 X-Received: by 10.51.16.37 with SMTP id ft5mr29563677igd.6.1415681060577; Mon, 10 Nov 2014 20:44:20 -0800 (PST) Sender: olivier2553@gmail.com Received: by 10.107.54.146 with HTTP; Mon, 10 Nov 2014 20:44:20 -0800 (PST) In-Reply-To: <754511415658833@web4j.yandex.ru> References: <754511415658833@web4j.yandex.ru> Date: Tue, 11 Nov 2014 11:44:20 +0700 X-Google-Sender-Auth: uMy8PALc49go-LzjJic_PkS-i08 Message-ID: Subject: Re: Captive portal with forced IP? From: Olivier Nicole To: Martin Hanson Content-Type: text/plain; charset=UTF-8 Cc: FreeBSD Questions Mailing List X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Nov 2014 04:44:21 -0000 Hi Martin, > Does there exist something which requires users to login, but at the same time forces a specific IP to their account? > > So if they spoof their mac/ip they cannot login using their normal credentials - they get logged out and looses access? > > In this case a user would not only be required to login with his credentials before he can access the network, but his box would also be bound to a specific IP and MAC, which then would have some restrictions due to the firewall. Instead of forcing a fixed IP, I would look for some captive portal+firewall that creates dynamic filtering rules depending on the username: - the user's machine gets on the network and acquire a dynamic IP - the user connects to the captive portal - the firewall updates the filtering rules for the IP being used by the user That would be more flexible. Best regards, Olivier > > I know this is not 100% FreeBSD specific, but I want this to run on FreeBSD and are wondering how others perhaps are doing it. > > Thanks and kind regards! > > Martin > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"