Hi,
Thanks for the awesome packet filtering tool. It has really come in handy for our school setup. I have one issue that I am hoping you can help me with. After thoroughly researching this issue I can't seem to find any solution to the following situation in my school setup:

The server is Gateway/Firewall
IPTables ver: 1.2.6
Kernel: 2.4.18 (Red Hat)
Cable Modem (with DHCP for external address)
Internal network: 192.168.1.0/24
Internal interface: eth0
External interface: eth1

Internally we use DHCP service to allocate IPs to the student PCs. (192.168.1.0/24)

Goal of what I am trying to do: When the firewall
first starts we would like to redirect all HTTP traffic headed to the internet
from the student PCs to our internal webserver (192.168.1.1) where the students
are first required to pick an assignment. Once a student picks an assignment
then we would like to allow only that student's IP to access the internet, hence
allow his HTTP traffic out to the internet. This way we can restrict the
students from wasting time and allow us to keep records of each student
accepting assignments before having access to the internet to do the research
for the assignment.
The key here is to only allow those student PCs
that have selected an assignment access to the internet and redirect all other
students to our local webserver till they pick an assignment.
From my current understanding of IPTables it
appears that you can only do redirection/dnat in the -t nat PREROUTING chain but
then this ends up applying to all IPs instead of select few.
Any help is greatly appreciated.
Thanks in advance
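
One way to get the per-student behaviour described above, as an added example that is not part of the original post: the catch-all redirect lives in a user-defined chain of the nat table, and a `RETURN` rule inserted ahead of it exempts a single source address. It assumes the web server at 192.168.1.1 is the gateway itself; the chain name `portal` and the function names are made up for this sketch.

```shell
#!/bin/sh
# Added example, not from the original post. Values from the post: LAN
# 192.168.1.0/24 on eth0, web server 192.168.1.1. Assumptions: that server
# is the gateway itself; the chain name "portal" and all function names.
IPT=${IPT:-echo iptables}   # dry run: prints rules. IPT=iptables applies them (root).
LAN_IF=eth0; LAN_NET=192.168.1.0/24; PORTAL=192.168.1.1; CHAIN=portal

# Accept only 192.168.1.2-254 so input from a web form cannot smuggle
# extra options or shell text into a rule.
valid_ip() {
    case "$1" in
        192.168.1.*) host=${1#192.168.1.} ;;
        *) return 1 ;;
    esac
    case "$host" in
        ''|0*|*[!0-9]*) return 1 ;;
    esac
    [ "${#host}" -le 3 ] && [ "$host" -ge 2 ] && [ "$host" -le 254 ]
}

# Run once at firewall start. LAN HTTP enters the "portal" chain; whatever
# reaches its last rule is rewritten to the local web server.
setup() {
    $IPT -t nat -N "$CHAIN"
    $IPT -t nat -A "$CHAIN" -d "$PORTAL" -j RETURN
    $IPT -t nat -A "$CHAIN" -p tcp -j DNAT --to-destination "$PORTAL:80"
    $IPT -t nat -A PREROUTING -i "$LAN_IF" -s "$LAN_NET" -p tcp --dport 80 -j "$CHAIN"
}

# Called by the web application once a student has picked an assignment:
# a RETURN rule ahead of the DNAT exempts that one source address.
allow() {
    valid_ip "$1" || { echo "rejected: $1" >&2; return 1; }
    $IPT -t nat -I "$CHAIN" 1 -s "$1" -j RETURN
}

# Put the student back behind the redirect (for example at the end of a lesson).
revoke() {
    valid_ip "$1" || { echo "rejected: $1" >&2; return 1; }
    $IPT -t nat -D "$CHAIN" -s "$1" -j RETURN
}

setup
allow 192.168.1.42    # constructed sample address
```

The nat table is consulted only for the first packet of a connection, so `revoke` affects new connections and leaves established ones alone. Because addresses come from DHCP, an exemption follows the IP address, not the student, and should be revoked when the lease changes hands.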