nufw

[Christopher Chan]

On Thursday, October 14, 2010 03:09 PM, Verde Denim wrote:
>
>
> On Thu, Oct 14, 2010 at 2:12 AM, Christopher Chan
> <christopher.chan at bradbury.edu.hk
> <mailto:christopher.chan at bradbury.edu.hk>> wrote:
>
>     On Thursday, October 14, 2010 01:55 PM, Verde Denim wrote:
>      > Has anyone on the list used nufw? The repo states -
>      > NuFW is an authenticating firewall based on netfilter's NFQUEUE
>     target.
>      > It allows to write filtering rules based on user identity, in
>     addition
>      > to classical network criteria.
>      > Unless other solutions, NuFW uses a strict security model and can
>     apply
>      > different access rules
>      > to users connected on the same host...
>      >
>      > I'm currently running ufw, but found this while looking for some
>     other
>      > packages and am not familiar with it.
>      >
>
>     nufw is a set of a netfilter module? and a daemon and clients. Unless
>     you are in the business of wanting to control access rules for multiple
>     users, nufw will do nothing extra for you.
>
> Thanks for the input; sounds like you've used this and know of its
> application.

I have not used it but its description, documentation and various pieces 
gives me an idea about what it is all about. The clients add 
markers/tags with user tokens, the daemon authenticates those tokens and 
the module does the filtering.


> I was curious about it since I hadn't seen it before.

Same here.