Re: Do I need to write a module?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Jun 24, 2003 at 10:22:52AM -0500, Tony Thompson wrote:

> Thanks for the response.  Maybe I should give a better picture of what I
> am trying to do.  I have a private network that I am trying to route
> through a Linux box.  I want to deny all traffic (from a MAC address)
> until a user authenticates, with their browser, to a Java application on
> the Linux server (when they authenticate, something has to happen to let
> netfilter know that the MAC address is allowed to pass).  There has to
> be some level of coordination at that point between the Java app and
> netfilter so that session timeouts, etc. can be handled.  I would like
> to have all of this happen as close to real time (i.e. not batched) as
> possible.
> 
> After writing this out, maybe I don't even need a module but, just a
> way to control netfilter from a Java app.  I am still open to
> suggestions...

Yes, what you need is to control netfilter from a Java app.

Before the authentication, redirect his web traffic to your java app.

After the authentication, remove the MAC restriction for the client,
add the necessary rules for his service.

Also, I'd implement some kind of timer to go off after certain period
of inactivity and remove the permission of his MAC.

It sounds easy but I'm sure it's gonna be fun implementing it ;-)


Ramin

> 
> Thanks.
> Tony


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux