ipf filter by user/group
Andrew Gould
andrewlylegould at gmail.com
Fri Sep 19 13:47:56 UTC 2008
On Fri, Sep 19, 2008 at 8:04 AM, Yury Michurin <yury.michurin at gmail.com>wrote:
> Sorry for the mistake, i meant pf, the openbsd's packet filter.
>
> On Fri, Sep 19, 2008 at 2:39 PM, Yury Michurin <yury.michurin at gmail.com
> >wrote:
>
> > Hello,
> > I'm quite new to ipf, Is there an option of filtering packets by
> > user/group?
> >
> > What i want to accomplish is:
> > 1. Block users from group 'users' to make outbound connections
> > 2. Count traffic for users: alpha, beta, gamma
> >
> > If i can't accomplish that with ipf, what other firewall you suggest?
> >
> >
> > Thank you for your time,
> > Yury.
> >
>
Check out authpf, which is part of pf:
http://www.openbsd.org/faq/pf/authpf.html
Users have to login as an authpf user via ssh. Once the authpf user is
logged in, pf does it's filtering based upon the authpf user's IP address.
You can create a ruleset for each authpf user. authpf users without their
own ruleset use the a default ruleset.
I hope this helps.
Andrew
More information about the freebsd-questions
mailing list