hi,
depends on many things:
if you want the boxes to have "full" internet access (all ports, all
protocolls without restriction), you will have to configure the kernel
on the gateway ("the server") using iptables accordingly. not too
difficult, but introduces many security risks in your entire network.
if you want the boxes to have access to only "some" protocols like
http(s), ftp, ssh etc. you will be happy with proxies (eg. squid for
http and ftp).
depending if you have more boxes to *permit* or *allow* access you can -
most of the time - easily configure either iptables or your proxy-app
accordingly by creating access groups that (1) either deny access for
all but listed boxes or (2) allow access for all except listed ones.
proxying will unfortunately not work for every protocol that you might
need, but in general is is the easiest and most secure way to do this.
udo
Am Don, 2002-05-23 um 16.37 schrieb Richard Laframboise:
>
>
> Hi List,
>
> What is the best way to prevent a specific station to have access
> to the internet ? or to assign the privilege to selected stations only ?
>
> The internet is made available thru a shared connexion from a LM
> 8.2 server and all stations must be on the same subnet.
>
> Thanks
>
> Richard
>
>
>
> ----
>
> Want to buy your Pack or Services from MandrakeSoft?
> Go to http://www.mandrakestore.com
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
