1. Introduction

As you can see from the poor quality of my language, English is not my native language. I am writing this document in English for the sake of the Linux community. So, please, excuse my poor English. And, please, if you speak Portuguese, address me in that language.

This document intends to enlighten you (and myself) in the process of building a Linux gateway or firewall which modifies its rules on demand when users log in to or out of their Windows workstations.

I should be writing an application, but I am too lazy. Hopefully when the idea is out there, people will build a few intelligently integrated packages. Meanwhile...

In this document, I will try to show how to build a gateway that NATs or MASQUERADEs Windows workstations. Use your imagination to adapt it to whatever level of network management you need: you may use it to grant or deny access to services, servers or entire subnetworks on your network.

Imagine that you have to build a gateway to let Windows workstations access the Internet, and that you need to authenticate each user before letting them reach the external networks. The first solution you think of is Squid. It is indeed a great solution when HTTP and FTP access is enough for your users. When it comes to letting them access other services such as POP, SMTP, SSH, a database server or whatever else, you immediately think of NAT or MASQUERADE. But what happens to the user authentication?

Well, this is my solution. It gives you user authentication and fine-grained control over their access to the network.

1.1 Disclaimer

No liability for the contents of this document can be accepted. Use the concepts, examples and other content at your own risk. As this is a new edition of this document, there may be errors and inaccuracies that could, of course, be damaging to your system. Proceed with caution; although this is highly unlikely, the author(s) do not take any responsibility for it.

All copyrights are held by their respective owners, unless specifically noted otherwise. Use of a term in this document should not be regarded as affecting the validity of any trademark or service mark.

Naming of particular products or brands should not be seen as endorsements.

1.2 New versions

The newest release of this document can be found at

Related HOWTOs can be found at the Linux Documentation Project homepage.

1.3 Translations

A Portuguese version is available. If you want to contribute, please do.

1.4 Feedback

Contributions and criticism are both welcome.

Corrections to my English are also very welcome!

If you want to mail me, my account is ricardo.mattar at the computer named You may thank the spammers and their nice spiders for the format of my address.

1.5 Copyright and trademarks

Copyright (c) 2002 Ricardo Alexandre Mattar

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License".

1.6 Acknowledgments and Thanks

Thanks to Carlos Alberto Reis Ribeiro for introducing me to Linux.

Thanks to Cesar Bremer Pinheiro for motivating me to write this document.

Thanks to Guillaume Lelarge for helping with the revision (he caught my English errors, but I insisted on a few).

Thanks to Erik Esplund for further language corrections.

