Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Block services from backend without using "start/stop" commands
« previous
next »
Print
Pages: [
1
]
Author
Topic: Block services from backend without using "start/stop" commands (Read 708 times)
Vharry
Newbie
Posts: 13
Karma: 0
Block services from backend without using "start/stop" commands
«
on:
September 29, 2023, 08:52:25 am »
Hii,
Is there any way to restrict a specific user from using a specific service (eg. FreeRadius) from the backend? I created a php script with "start/stop", it is a working command but I am not sure if this is the right way to achieve the desired goal of preventing a user from using a specific service.
What are the possible ways to achieve this in the right way?
Logged
bartjsmit
Hero Member
Posts: 2018
Karma: 194
Re: Block services from backend without using "start/stop" commands
«
Reply #1 on:
September 29, 2023, 09:23:12 am »
Does your script sever TCP connections? OPNsense is stateful, which allows established TCP sessions to pass without checking them against policy.
You may be quicker to restrict the user on the service itself. I.e. block them in the RADIUS layer. This will also have a more global effect on other services that use FreeRadius for SSO
Bart...
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Block services from backend without using "start/stop" commands