Firewall restrictions after logging in?

Stefan Winter stefan.winter at
Tue Nov 27 10:43:11 UTC 2007


I'm trying to impose firewall restrictions on cients after they have 
successfully authenticated to Chilli, i.e. allow only certain ports to the 
outside world. 
I wonder if the rules have to refer to $INTIF or to tun0 and whether they 
belong to FORWARD or OUTPUT on the Chilli host. I played a bit with the 
various options, but didn't really get anywhere. Is there some quick advice 
available, or better yet, some documentation?
I'm talking of the latest ChilliSpot - couldn't migrate to CoovaChilli yet.


Stefan Winter


Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de 
la Recherche
Ingenieur Forschung & Entwicklung

6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg
E-Mail: stefan.winter at     Tel.:     +352 424409-1                Fax:      +352 422473
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part.
URL: <>

More information about the Chilli mailing list