On Mon, 2 Mar 1998, Ian Perry wrote:
> Sorry, Maybe I did not explain it well enough.
>
> The remote IP stays the same for all users loggin in (there is only
> one dial-in port)
>
> The route table has to change according to the user, not by the remote
> IP.
>
> The only means I have of Identifying which user is logging in is the
> Login Name.
>
> If it were a different IP then, not a problem, I have done it on other
> nodes.
>
> The modem dialin line gets IP 12.45.67.89 This never changes, and any
> one of half a dozen people can use it.
>
> This is routes out onto node 192.168.1.127 on eth0
>
> Only one user is permitted to get to machine 192.168.1.1
>
> Can ip-up identify a user ?...
not directly. you must have missed the bit in my reply where i (very
briefly) discussed doing that.
here it is again:
> > it also has demonstrates a special ipfwadm (firewall/packet filter)
> > rule for 192.168.0.2. e.g. say you have a service running on one
> > of your machines which your users have to pay extra to get access
> > to...actually, you'd probably do this based on user name rather than IP
> > address - you could use $2 (the tty) to lookup the user name. you'd use
> > /etc/ppp/ip-down to delete the ipfwadm rule when the interface died.
the idea is to use the tty (in $2) to identify the username. something
like:
USER=$( w | grep " $2 " | awk '{print $1}' )
will probably work. test it to see if it really does work in all cases.
adapt as necessary.
once you've got the user name, you can do whatever you need...e.g:
case "$USER" in
fred) do this ;;
joe) do that ;;
esac
> or can you specify a different ip-up for each user ?
no, there's one /etc/ppp/ip-up script. you can use if/then/else or case
statements (or equivalent if you use another language) to decide what to
do.
craig
--
craig sanders
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
[EMAIL PROTECTED] .
Trouble? e-mail to [EMAIL PROTECTED] .
