Cedric Blancher wrote:
Second situation, there are solutions. One deployed is PPPoE links, even
for cable modems. If users have to set a PPP links, then you can
restrict a given login to one tunnel at the same time, you can restrict
one modem to establish one tunnel at the same time, you can attach BPF
filter to you PPP link (to enforce source IP as an example), etc.
But they can still use NAT behind a second router right? :-) I think the
whole connection sharing issues for ISP's is that they want to sell a second
account to someone else in that house. Its bogus cause one pays (normally)
for an agreed link speed (no matter how many computers are behind the router
and it will still be the same up/downlink speed to the ISP). Traffic amount
doesn't concern either as the user should have the right to use the line as
much as the contract allows.
And how many ISP's are there who promise a certain speed but never deliver it...
Still, to remain netfilter related in this topic, its a security question if
its possible to force without third party software that only one computer
uses a link, and the question remains if its possible to do it with
netfilter (I doubt).
BR,
Thomas
