On Sunday 23 April 2006 01:19, Don Robertson wrote: > One thing that I am wondering about. We will be wanting to have > different groups of LTSP users and machines with different access > permissions. One set of machines will be to browse our WebOPAC catalogue > only, and will have almost no access to the internet. > > Other machines will be able to browse the internet and intranet - > including home shares etc. Do you really doing this per machine? or are you really wanting this per user? Most of the time people say this and creating a user that that machine auto logs in as works just fine.
> Unless I am missing something, all the clients have the same IP address > as the LTSP server, making it hard to create firewall rules to limit > access to specific machines. You're missing something. All terminals have different IP addresses, but the terminals just run X -query SERVER so each USER appears to reside on the same physical box. > Is there a way to make the clients run under different IP addresses? See above, but Local Apps is what you're referring to. and at that point, you have to make sure your terminals have the horsepower required. An alternative that usually works is to create a specific user just for that terminal and setup restrictions for that *user* instead of that machine. You can block web traffic with iptables and force everything to go through a squid proxy for filtering, Use authentication and normal users can have pretty much unfettered access, while OPAC users can very little. http://iptables-tutorial.frozentux.net/iptables-tutorial.html -- Public Key available Here: http://www.bravegnuworld.com/~rjune/pubkey.asc Did I make your life better? http://home.bravegnuworld.com/~rjune/appreciation.html ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.freenode.net
