I'm going to be implementing 'prepaid' LAN access. My gateway would be a Linux box. The way I'm thinking of doing this is that:
1. users would log-on to the workstations using their authorized usernames/passwords thru a web browser. At this point, the only web site that the workstations can access is the web site of the Linux gateway (where they will authenticate)
2. Once authenticated the script would then manipulate the iptables rules to allow that workstation to access the 'Net. The logon time would also be recorded to the database.
3. A cron job would run every minute querying the iptables rules as well as the database (for the logon time). The connection time of each workstation (that's been given access) would be computed, if they are beyond their allotted time, an iptables rule would be inserted denying them access.
4. Users can also 'disconnect' by going to the web site of the Linux gateway.
The way I see it right now, numbers 1, 2, 4 would be quite trivial to code. As for no. 3, a cron job running every minute querying the iptables as well as the database - would this be too much of a load?
Comments, suggestions and helpful links would be very much appreciated. Or is there a better way of implementing my 'prepaid' LAN access?
TIA,
-- Joshua L. San Juan <[EMAIL PROTECTED]>
_________________________________________________________________
MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus
_ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
Fully Searchable Archives With Friendly Web Interface at http://marc.free.net.ph
To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
