network access control with transparent proxy server
I posted the same question in linux newbie, but read over some of the other questions and realized that this doesn't quite fit there quite as well as I had first thought.
I'm running Gentoo.
I've installed squid and shorewall, and have a pretty good idea as to how shorewall works and how to set it up. Squid...I'm still figuring out.
I was wondering if maybe someone has a suggestion as to a better way of attacking my problem. I want one computer to act as the router, firewall, etc. Then, when anyone connects to the network with their computer and opens up a browser window, I want to redirect whatever they do to my internal website, which will ask them for special credentials. Then after that, if successful, I want them to be able to search whatever websites and do whatever they want.
------------
| internet |
------------
      |
      |
-----------------------------------
| router/firewall/dhcp/apache/etc |
-----------------------------------
      |
      |
-----------------
| switch or hub |
-----------------
      |
      |
------------------------
| random connections   |
| from other computers |
------------------------
In shorewall, I see you can do MAC filtering for whitelists, but I didn't see a way to do this dynamically. Also, when a MAC isn't found in a list, I can only reject or drop the request, I can't tell it to redirect... or can I? I hope someone can help me figure this out... I've been beating my head against the wall for hours now.
Thanks.
-Nimesh
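
One way to get the redirect-then-whitelist behaviour asked about above, as an added example that is not part of the original post and uses plain iptables rather than shorewall. The interface name, portal address, chain name, mark value and function names are all assumptions made for illustration; the script only prints the rules so they can be reviewed before being applied as root.

```shell
#!/bin/sh
# Added example: prints (does not run) iptables commands for a MAC-keyed portal.
# Assumed, not from the post: eth1 as LAN side, portal on 192.168.1.1:80,
# chain "portal_auth", mark 0x1, and DNS/DHCP answered by the router itself.
LC_ALL=C; export LC_ALL
LAN_IF="${LAN_IF:-eth1}"
PORTAL="${PORTAL:-192.168.1.1:80}"
MARK=0x1

# The MAC arrives from the portal web app, so accept exactly aa:bb:cc:dd:ee:ff
# and nothing else before it gets near a command line.
valid_mac() {
    _h='[0-9A-Fa-f][0-9A-Fa-f]'
    case "$1" in
        $_h:$_h:$_h:$_h:$_h:$_h) return 0 ;;
        *) return 1 ;;
    esac
}

# Installed once at boot. mangle runs before nat, so the mark is already set
# when the DNAT rule is evaluated. INPUT must accept tcp/80 on the router.
portal_base_rules() {
    cat <<EOF
iptables -t mangle -N portal_auth
iptables -t mangle -A PREROUTING -i $LAN_IF -j portal_auth
iptables -t nat -A PREROUTING -i $LAN_IF -p tcp --dport 80 -m mark ! --mark $MARK -j DNAT --to-destination $PORTAL
iptables -A FORWARD -i $LAN_IF -m mark --mark $MARK -j ACCEPT
iptables -A FORWARD -i $LAN_IF -j DROP
EOF
}

# Called after a successful login: whitelist this MAC dynamically.
portal_allow_rule() {
    valid_mac "$1" || { echo "invalid MAC, no rule emitted" >&2; return 1; }
    echo "iptables -t mangle -A portal_auth -m mac --mac-source $1 -j MARK --set-mark $MARK"
}

# Logout or session expiry: delete the same rule.
portal_revoke_rule() {
    valid_mac "$1" || return 1
    echo "iptables -t mangle -D portal_auth -m mac --mac-source $1 -j MARK --set-mark $MARK"
}

# Demo with a constructed MAC address.
portal_base_rules
portal_allow_rule 00:11:22:33:44:55
```

A MAC address is chosen by the client, so the mark identifies a device that logged in rather than a user; pair it with a session timeout that calls the revoke function.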