Make one filter, either in the Portmaster(s) or through a ChoiceNet server
which has something like this:
permit assigned_ip/32 0.0.0.0/0
deny
So it would only let packets coming from the ip assigned to the user get
out, no fakes. Do the opposite for the incoming filter too. I wish there
was an automatic way to do this..
On Sat, 22 Nov 1997, Jake Messinger wrote:
> On Fri, 21 Nov 1997, Warren Vanichuk wrote:
>
> > of the port beforehand, then you can simply deny any packet coming from that
> > interface with a source address != to the assigned address. Perhaps an
> > extension to the filters, that would allow the PM to insert the appropriate
> > information, either the single IP for a dialup, or a range of addresses. Or
> > a port||global option in ComOS that would automatically do that type of
> > filtering automatically.
>
> I think this would be incredibly simple to add to radius...
> Ill look at it when I get back from Vacation.
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.