[Server-devel] nocat/internet restriction plans

Daniel Drake dsd at laptop.org
Thu Jan 14 13:10:22 EST 2010

I've read the threads about NoCat and am a little confused about the
plan for restricting internet access to XOs.

Is Jerry's suggestion (at http://members.shaw.ca/jvonau/pub/iptables/)
designed to complement NoCatAuth, or is it a standalone replacement?

At which point do we add and remove these iptables rules to control
access? Upon DHCP lease generation and expiration? Upon ejabberd

Depending on the approach taken we may have to consider the situation
where the XS is rebooted in the middle of a classroom session - we
need to restore connectivity to all active XOs without having to get
them to reboot/reconnect.

Any considerations for allowing connectivity from non-XO workstations
(e.g. ones that are connected to the network though ethernet, in the
staff offices etc)?

I can work on this but would appreciate some pointers from those of
you who have thought through it already.


More information about the Server-devel mailing list