On Sat, Jul 28, 2001 at 09:07:13AM -0700, Randolph S. Kahle wrote: > Thank you for the reply. I forgot to mention one complication, I am > setting this machine up for someone who will not have root access (I > will retain that). I am doing this so that they cannot "mess up" their > own machine... > > The user will be able, from a user account, do a pon, poff, etc. to > connect to the ISP. So, my challenge is to have the scripts run from > user level security and install the firewall rules. > > How do I do this?
Make sure that the user is in the "dialout" group, so she can run pon and poff to start and stop a dialin session determined by one of the files in /etc/ppp/peers/. When ppp has brought up a link, it starts the /etc/ppp/ip-up and passes it several parameters, among which is the assigned local ip address. When you install the ipmasq package, it installs a script in the /etc/ppp/ip-up.d/ directory, that is read in turn by /etc/ppp/ip-up. The ipmasq script will automatically setup your machine as a masquerading gateway. Cheers, Joost
