[X4U] Restrict Network Activity to Local
Stroller
MacMonster at myrealbox.com
Wed Jan 12 23:56:24 PST 2005
On Jan 12, 2005, at 11:58 pm, Paul Biddlecomb wrote:
>
> We're trying to set up some iMacs for one of our departments. They
> want users to be highly restricted as to their network capabilities.
> They want access limited to the local network, possibly down to one or
> two sub-nets. But the Administrator will need to have full access,
> for software updates. Is this possible running OSX 10.3.x?
Yes, it's easy. You write a little script that runs at boottime calling
`ipfw` with appropriate firewall options.
I think start-up scripts can be limited to certain users, or use
`lookupd -q group -a name admin` to determine if the current user is an
admin, or simply have the admin users open a terminal & use `ipfw` to
flush the firewall rules when they need internet access.
Stroller.
More information about the X4U
mailing list