Bron: [url=http://www.deadly.org/]OpenBSD Journal[/url]
OpenBSD heeft een nieuwe feature waarmee je internet ‘aan’ en ‘uit’ kan zetten op USER basis. Dat lijkt mij een droom voor sommige systeem/netwerk beheerders.
[quote]As a user authenticates using ssh‚ authpf will alter the PF (and NAT) rules as desired for that user on the node that user is on. When the user logs out‚ the PF rules are reverted back to as they were before the user logged in‚ and all the states they had are killed.
Think about some of the possibilities:
Keep your wireless access for your users‚ and not anyone driving by with a laptop.
Permit internet access only to selected people in your office‚ or restricted based on who they are‚ not where they sit.
Permit field users to have access to internal services‚ with the filters following them as they authenticate‚ rather than having to be preconfigured. Great for people from locations with dynamic addresses or people traveling.
[/quote]
[url=http://www.openbsd.org/cgi-bin/man.cgi?query=authpf&sektion=8]Het hele artikel[/url]