Hi,

On Wed, 20 Feb 2008, Brian Shackelford wrote:
> I have been working on and actually making progress on writing a client for Windows that will authenticate a user to authpf upon login, thereby granting access to the network based on rules set up for each user/group. In addition, we would love to be able to somehow transparently authenticate that user to the squid firewall tied back to the Active Directory on our network using LDAP. Just wondering if anyone has approached/done something like this already, in the hopes of saving some time developing it.
There was a discussion on openbsd-misc some days ago, see "http://thread.gmane.org/gmane.os.openbsd.misc/138273", for LDAP and squid.

Regarding authpf: I would not do this, because you have the choice between organizing and handling many users and passwords on your OpenBSD firewall, or only a few or one user and password, and then you probably have no security. If possible, I would not allow direct access to the internet but only via squid.
Regards,
Stefan Kell