ipfw and gateway SRVR controling.

[Alex de Kruijff]

On Fri, Nov 28, 2003 at 12:36:44AM +0300, Marwan Sultan wrote:
> Hello everyone,
> 
>    My boss asked me to do a gateway server, which can control the access
>    to internet users on our LAN.

Make sure it has two NICs. On one you put the lan on the other the
internet connection. In some cases you like to the tree NICs. The thirth
then allows a DMZ setup.

>    I have a DSL Router connected to internet, -> should be connected to
>    FreeBSD 4.8-R box, and this box provide the internet access to the LAN
>    and control it.
> 
>    putting the box to internet, no big deal, My question is
>    How to controll the Internet access to users on lan?
>    For example:
>    To give this certain IP an Internet access and to Block the other IP
>    from having the internet access (with keeping the LAN up for the IP) ?
>    Also to set something like, Give this IP on LAN an internet from this 
>    hour to this hour?
> 
>    Can someone please give me an Example on ipfw?

You can read my home page or use google or the mail archies to search
for some examples.

>    and is the ipfw the only way to do it? 

No, other options include ipf and route. The later is very limmeted.
ipfw does the same as ipf plus allow you to have traffic shaper. You can
use ipfw and ipf at the same time if you like.

>    I never used ipfw, so a kind detail help is really appreciate it.
>
>    sorry for long email, and thank you.

I say it about the ride size.

-- 
Alex

Articles based on solutions that I use:
http://www.kruijff.org/alex/index.php?dir=docs/FreeBSD/