network access control with transparent proxy server
I posted the same question in linux newbie, but read over some of the other questions and realized that this doesn't quite fit there quite as well as I had first thought.
I'm running gentoo. I've installed squid and shorewall, and have a pretty good idea as to how shorewall works and how to set it up. Squid...I'm still figuring out. I was wondering if maybe someone has a suggestion as to a better way of attacking my problem. I want one computer to act as the router, firewall, etc. Then, when anyone connects to the network with their computer, and open up a browser window, I want to redirect whatever they do to my internal website which will ask them for special credentials. Then after that, if successful, I want them to be able to search whatever websites and do whatever they want. ------------ internet | ------------ | | ------------------------------- router/firewall/dhcp/apache/etc | ------------------------------- | | ----------------------------- switch or hub | ----------------------------- | | ----------------------------- random connections | from other computers | ----------------------------- In shorewall, I see you can to mac filtering for whitelists, but I didn't see a way to do this dynamically. Also, when a mac isn't found in a list, I can only reject or drop the request, I can't tell it to redirect....or can I? I hope someone can help me figure this out...i've been beating my head against the wall for hours now Thanks. -Nimesh |
You have the right idea but i think that a better way to accomplish what you are wanting to do is use shorewall+squid+squidguard.
shorewall will act as the firewall squid as a caching proxy and authenication server squidguard for filtering and redirection. squidguard can be easily intergrated into squid |
All times are GMT -5. The time now is 05:34 AM. |