Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Limit Internet usage by time by account

Posted on 2010-11-26
6
Medium Priority
?
677 Views
Last Modified: 2012-05-10
I would like to setup a proxy like the ones that exist in hotels where you must have an account to access the internet. My requirements are:

1. You must have an account when on the network to access the internet.
2. Accounts should be able to be time limited. So, if Jake has two hours, and he logs in to access the internet, and two hours expires, he cannot log in again until the next day.
3. Linux based solutions are preferred.
4. Firewall or Proxy based solutions (so this works no matter what computer the user logs in from) are preferred.

What is out there?
0
Comment
Question by:DrDamnit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 11

Accepted Solution

by:
yarwell earned 1000 total points
ID: 34218195
"Captive portal" and "Wireless hotspot" solutions like Chillispot and friends would do this. I'm not up to speed with the latest offerings but there are plenty around and some are provided as part of dd-wrt firmware for consumer routers  http://www.dd-wrt.com/wiki/index.php/Captive_Portal
0
 
LVL 14

Expert Comment

by:Monis Monther
ID: 34218205
Squdi is out there.

Linux O/S (I prefer CentOS)
Squid Proxy Server
NetFilter/IPtables FireWall

With squid you can have

user accounts
ACL (Access control lists) based on time, account, IP, MAC and some other 30 options
Bandwidth Limiting
Many more options
0
 
LVL 25

Assisted Solution

by:madunix
madunix earned 1000 total points
ID: 34219221
0
Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

 
LVL 4

Expert Comment

by:pingvinos
ID: 34222010
Hello!
I use squid proxy server on RH-like Linuxes.I searched the documentation,and there is no such feature as allowed duration of internet connection per day...That feature would be very welcome in such environments,and I guess that a script should be written for that purpose.The way I see is it should be:
1)The script(a croned script,actually) should check logs to see the unique users that connected and write the first appearance of the username  and the time in some kind of temporary file
2)Every now and then,a script should check if the present time is ALLOWED_DURATION more  than the first appearance of any username
3)If yes,the user should be disabled from accessing internet via squid
4)At the end of the day,a list of disable users should be reset...
Now,I am amazed that such a necessary feature has not been added to squid yet(someone correct me if I am wrong).
If I have more time next days,I will try to write a script to do that,but the problematic part will be disabling users that exceeded the time limit...involves reloading squid everytime someone is disabled..Anyway,is this Linux you plan to use RedHat-like?How many users(~10,~100?).
0
 
LVL 4

Expert Comment

by:RonHoffmann
ID: 34222597
IPcop is a free linux option with addins that will do what you want.
www.ipcop.org

Untangle is another linux based option with a choice of free or more advanced paid solutions
www.untangle.com

astaro has free and paid solutions as well ( this probably the best but the most expensive)
www.astaro.com
0
 
LVL 25

Expert Comment

by:madunix
ID: 34422270
As said above by yarwell....  At home have a hardware firewall (erased the linksys firmware on my router with the DD_WRT) and on each PC running microsft. I run the Comodo Internet security (both firewall and anti-virus) and implemented beside that Squid Linux proxy server.

Be aware open source firmware DD-WRT offers a number of builds, from a Micro and Mini generic with limited capabilities  all the way to a VoIP-specific and VPN-specific build. Fortunately, a chart lists  all the capabilities and various versions of DD-WRT  include  from Hotspot, IPv6, OpenVPN, PPTP, ProFTPD, SNMP, SSH, and Telnetd to a Samba/CIFS client. It has EoIP (Ethernet over IP, allowing you to bridge networks), VLAN, QoS, and advanced firewall (including the ability to block specific P2P networks).

OpenWrt has a package system for additional add-ons, It has everything from Squid, NTP, OpenVPN, CUPS (printing support), and lightHTTPD to an IRC server, Nagios (network monitoring), Asterisk (a VoIP server), and the Perl programming language. The only catch is that you will need a router with a sufficiently large amount of storage space and memory
 
To upgrade your router and make it more secure, I would recommend replacing the default firmware if you can. Make sure you check the compatibility lists!  
As stated in http://www.linux-magazine.com/w3/issue/119/048-049_kurt.pdf
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Examines three attack vectors, specifically, the different types of malware used in malicious attacks, web application attacks, and finally, network based attacks.  Concludes by examining the means of securing and protecting critical systems and inf…
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question