Hi Ive got a debian router and a switch through which I provide internet access to some of the residents of my building...I want to implement a mechanism so that only the computers I specify can access the Internet...I could do it through squid but if I do so it would allow me only to restrict traffic going through port 80 what about Internet applications that use other ports such as ftp, smtp, yahoo and msn. I want to use a mechanism that allows me to authenicate PCs based on mac address and only those computers are allowed to access the internet. One particular solution could be blocking all access to the router unless the request have the source mac from an authorised PC..but I would prefer another approach if available...since Iam not going to operate the router..and the firewall script was written using VIM and the oprerator needs a web interface to operate the router. I ve got a freeradius server setup and running on the router with the dialup admin interface..I have done this setup previoulsy with pppoe and freeradius. I can not use pppoe this time..so I would like to know if there is a mechanism that allows me to redirect all the requests coming to the router through radius and access is granted upon the authenication info found in the radius database. I use to do that by loading radius.so each time a request to the pppoe server is made by including radius.so in the pppoe.options file..but I have no clue on how to do it this time. Any suggestions are welcome -- With Regards Ali Jawad