User restriction
 

Hi all at the office we have some open machines meaning clients of the street have access to them these were all windows now we are making them Ubuntu how could I restrict a user account from seeing the local network. Or access the local network

Thank you
JJV

nothing to do with networking. Moved to Linux - Newbie.

What do you mean by "seeing the network"? Networking is about cables and network cards and IP addresses, you can't stop a user "seeing" this, as it's below the level of a user account. The machine is on a network, not a user. If you're confusing networking with services that happen to require a network, e.g. windows file sharing, then that it not about networking.

Don't plug in the ethernet cable.

Hate to say it, but if it's a genuine network issue, I'm with him...

in short, without unplugging the network cable, you can't, however you can remove access to various network programs such as ping, ssh, telnet, ftp, traceroute and ifconfig such that only someone with root access can use them.

User restriction
 

wow OK maybe I need to explain more 10 computers 5 say workgroup1 and 5 computers workgroup2 all have INTERNET through 1 router if you browse the network in Ubuntu with Nautilus both sets of machines can see and access the different work group's meaning workgroup1 and workgroup2 sins workgroup2 is the staff i would like to configure workgroup1's set off computers so it wont see workgroup2 and wont have access to it. So I kind of don't see it not being network issue. Is that more clear sorry sometimes I think people is smarter than they are and should just know not the case.

Do you mean that computers in workgroup1 can browse folders on workgroup2 machines? This would be controlled by the SAMBA server of the workgroup2 machines (if on Linux) or by the shared folder configuration (if workgroup2's machines run Windows). You could edit the SAMBA/folder sharing permissions to require a password to connect to the shares or (better yet) set up a mechanism to only allow connections from other workgroup2 machines. Since you haven't provided a lot of information about how your network is set up (static vs dynamic addressing, whether user accounts are stored locally vs in a central database such as NIS, LDAP, or Active Directory, etc.) it's hard to advise you on the best way to proceed, but hopefully this will help get you started.

Again, you're doing a very poor job of explaining the situation. I'm going to assume that, since you mentioned Nautilus, the problem is preventing these public computers on the same LAN segment from seeing file shares.

Don't install Samba on those systems.

User restriction
 

Well thanks for the info I will look it up. And to (SL00b "Again, you're doing a very poor job of explaining the situation.") if you want to get sarcastic like that don't answer questions ask nicely like "Could you explain a little more' or I don't understand this part could you please explain more...... Thank you for your answer by the way I will look at it to.

To all people If you intend to help build up don't brake down. Not everybody is comfortable in asking for help , some people have a certain way of seeing and expressing things that is not always everybody's way. A little manners and tact can go a long way.
Thank you
Live long and prosper.

There was no sarcasm in my post. I simply pointed out that you were doing a poor job of explaining your problem... because you were doing such a poor job of explaining your problem. If you fail to explain your problem, nobody can help you.

My first response, "Don't plug in the ethernet cable," is a perfectly viable solution to the problem as you described it. My second response, "Don't install Samba," is a perfectly viable solution to the problem as you described it the second time around. I have no idea if that's the answer you're looking for either, because I'm still just guessing at what it is you're really trying to accomplish.

Personally, I find it incredibly bad manners to present a problem to a community of unpaid volunteers that you're being paid to resolve, and expect them to play a game of Twenty Questions because you're not interested in explaining yourself.

User restriction
 

OK look we can start flinging words back and forth were you say your peace and I say mine . I am not in the mood for that so .......thanks for the ideas. You are Sarcastic I have bad Manners we are even............lol

I can tel all the fix is add a IP table and Drop All Traffic from a Specific IP on the computer you don't want the access. example iptables -I INPUT -s 12.34.56.87 -j DROP. That will remove that computers ability to see that ip on the network or access it

so what i am to understand is that you have a system set up like
and you want wg1 to only be able to see wg1 computers and likewise wg2 computers to only be able to see wg2 computers?

that would be a matter of a managed switch capable of creating vlans
http://en.wikipedia.org/wiki/Vlan

and making sure that the vlans can only talk to the router and not to each other

User restriction
 

Thank you thank you someone understand lol
Thank you I will look it up a friend told me about the ip rules or dual nic card pc that act like a firewall between router and switch but I am going to look at this thank you.