On 28 Jul 2001 19:01:07 +0200, Philipp Lehman wrote: > On 28 Jul 2001, John Hasler <[EMAIL PROTECTED]> wrote: > > >Randy writes: > >> The user will be able, from a user account, do a pon, poff, etc. to > >> connect to the ISP. So, my challenge is to have the scripts run from > >> user level security and install the firewall rules. > > > >> How do I do this? > > > >The scripts in /etc/ppp/ip-up.d and /etc/ppp/ip-down.d are run when ppp > >comes up and goes down respectively. They are run by pppd and so run as > >root no matter who ran pon and poff. > > Alternatively, he could use the interface as a filter target instead > of the IP address. Should be fine on stand-alone machine with a single > external interface.
Oh! I did not know I could do that. Are you saying that I could have the ipchain rules read. $IPCHAINS -A tcpOutB -p tcp -s $NETWORK_PRIVATE $PORTS_UNPRIV \ -d ppp0 $PORTS_WWW -j ACCEPT ??? Regards, Randy > > -- > Philipp Lehman <[EMAIL PROTECTED]> > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > >
