1

Using OpenBSD's pf.

Question: How can we modify the firewall of OpenBSD to allow ONLY a given group network access? If somebody isn't in that group, they shouldn't have layer 3 or layer 2 network access.

Gilles 'SO- stop being evil'
  • Take a look at the answer to your other related question: http://unix.stackexchange.com/questions/187948/openbsds-pf-disable-network-access-for-a-given-user-except-for-ssh . Although that is layer 3. – kurtm Apr 05 '15 at 16:45

1 Answer

0

Assuming you are talking about workstations “behind” the OpenBSD box, you’ll want to add the workstations’ IP addresses to a pf table and create appropriate rules that reference this table. `man pf.conf` for details. As for layer 2 access, you might want to elaborate a bit more here in terms of your requirements.

Bink
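A sketch of the table-based approach described in the answer above, as an added example that is not part of the original answer. The interface names, the table name `allowed_ws` and the addresses are constructed assumptions; the box is assumed to route and NAT for the workstations.

```conf
# /etc/pf.conf (constructed example; adjust names and addresses)
int_if = "em1"    # LAN-facing interface (assumed)
ext_if = "em0"    # upstream interface (assumed)

# Workstations that may use the network. "persist" keeps the table
# in memory even while no rule references it.
table <allowed_ws> persist { 10.0.0.10, 10.0.0.11 }

set skip on lo

# Default deny. This also drops traffic to and from the firewall
# itself, so add explicit rules for management access before loading.
block all

# Drop packets that claim a LAN source but arrive on another interface.
antispoof quick for $int_if

# Forwarded traffic is evaluated twice: inbound on the LAN side and
# outbound on the upstream side. Both passes match on the table, so a
# workstation that is not listed falls through to "block all".
pass in  on $int_if inet from <allowed_ws> to any
pass out on $ext_if inet from <allowed_ws> to any nat-to ($ext_if)

# Table maintenance without reloading the ruleset:
#   pfctl -t allowed_ws -T add 10.0.0.12
#   pfctl -t allowed_ws -T delete 10.0.0.11
#   pfctl -t allowed_ws -T show
# Check syntax with "pfctl -nf /etc/pf.conf", load with "pfctl -f /etc/pf.conf".
```

The rules match on source IP address only, so this restricts layer 3 forwarding through the box; it does not stop hosts on the same LAN segment from talking to each other at layer 2.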