From owner-freebsd-isp Thu Feb 25 5:56:41 1999 Delivered-To: freebsd-isp@freebsd.org Received: from carme.eclipse.net.uk (carme.eclipse.net.uk [195.188.32.33]) by hub.freebsd.org (Postfix) with ESMTP id 654E314DE5 for ; Thu, 25 Feb 1999 05:56:38 -0800 (PST) (envelope-from stuart@eclipse.net.uk) Received: from eclipse.net.uk (elara.eclipse.net.uk [195.188.32.31]) by carme.eclipse.net.uk (8.9.3/8.9.3) with ESMTP id NAA16390; Thu, 25 Feb 1999 13:48:09 GMT Message-ID: <36D554E1.1F8A5EE3@eclipse.net.uk> Date: Thu, 25 Feb 1999 13:49:21 +0000 From: Stuart Henderson Organization: Eclipse Networking Ltd. X-Mailer: Mozilla 4.5 [en] (WinNT; U) X-Accept-Language: en-GB MIME-Version: 1.0 To: "Andrew A.Karjagin" Cc: "isp@FreeBSD.ORG" Subject: Re: Auth and Count LAN users References: <36D4E399.5E8E3CF8@tdis.gctc.rssi.ru> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > How can I administrate them (allow/deny access to outside Internet, > count outside incoming traffic of each user and so on)? What programs > are designed for it? Can I do it without a Cisco or not? You don't need a Cisco. Compile a kernel with IPFIREWALL and look at the manpage for ipfw. Output of the "ipfw sho" looks like this: 08888 1771767 218918444 allow tcp from any to 195.188.32.32 8080 09999 3645718 1768146785 allow tcp from 195.188.32.32 to any first number is the rule number, second is number of packets, third is number of bytes. If you use a newer freebsd, you can use the ipfw with the "dummynet" addons to restrict traffic to a certain bandwidth as well. HTH Stuart To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message