SLUG Mailing List Archives - [SLUG] Setting up pptpd server with filtering

To: Slug <slug@xxxxxxxxxxx>
Subject: [SLUG] Setting up pptpd server with filtering
From: Alex Samad <alex@xxxxxxxxxxxx>
Date: Thu, 6 Nov 2008 16:38:50 +1100
User-agent: Mutt/1.5.18 (2008-05-17)

Hi

I have setup a pptpd server talking to a windows AD via winbind.so


Now I want to be able to limit access to certain parts of the network
based upon who has vpn'ed in.  

Having a look at the ip-up scripts there is no mention of user id.


I have noticed that pptpd logs to wtmp logins and logout. I was figuring
that i could use the ip-up scripts to capture the ip address of the
client, find the interface and then lookup last to find the user and
then I could set some iptables rules.  and then try and undo what i have
done on logout.

But that seems fraught with too many places it could go wrong.


I don't really want to undo the winbind install and move to radius
(seems like more pain that it would be worth)

It would be nice if I could use the chap-secrets and winbind as the same
time, but that seems to be ruled out by the winbind plugin.


any thoughts  ?

Alex


-- 
"Actually, I --this may sound a little West Texas to you, but I like it. When I'm talking about-- when I'm talking about myself, and when he's talking about myself, all of us are talking about me."

	- George W. Bush
05/31/2000
Hardball, MSNBC

Attachment: signature.asc
Description: Digital signature

Messages sorted by: [ date | thread ]
Prev by Date: [SLUG] sane segfault
Next by Date: [SLUG] OT: moving from Access to ...?
Previous by thread: [SLUG] sane segfault
Next by thread: [SLUG] OT: moving from Access to ...?