Re: User specific ip addresses

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> I have a tricky problem. I need a dual-homed linux box, one nic is  
> connected to our network, the other nic is connected to the customer  
> network.
> 
> Several users from us are logging in via our interface and are leaving  
> the system on the customers interface. BUT I need them to leave with  
> different IP-addresses (al in the same subnet).
> 
> Is there some netfilter or virtual ip addresses magic to do this ?

If your clients have distinct IP addresses, then maybe the NETMAP or SAME
targets will do what you want.  The descriptions in iptables(8) aren't entirely
clear, but maybe they'll do it.

If you really want to do NAT based on user IDs, then vanilla iptables can't do
it.  Except for packets that originate on localhost, the owner of a packet is in
general unknown.  NuFW claims to solve this problem, but it's complex.

Good luck,
Andrew.

--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux