From: Steve C. <cay...@um...> - 2009-08-28 03:39:08
|
Sudev Barar wrote: > 2009/8/28 Jignesh Shah <jig...@yo...>: >> [...] >> Note: when we show the log at External firewall we see only server's >> IP log (172.16.16.200) insted of client IP log >> How can we configure so each client >> take their individual IP address while surfing. > > Your explanation is not very clear Jignesh but in case of LTSP network > only the server address will show up to any other device (inetrnal or > external). So if you want host based firewall it is not going to work. > You need user based firewall. > > You can set up transparent proxy with squis+squidgaurd that requires > user authentication. And access allowance can then be user/group > based. > Yes, remember that the user's activity is all happening on the server. It's just getting displayed on the client machine. However, if you are using a proxy/firewall like squid which can use ident lookups for access control you can write your own simple ident server script to return the IP address of the client the user is sitting at rather than the user's name. I'm using this method to limit access to some sites depending on which room the user is in. -Steve |