Thanks for your response. It is an interesting coincidence that Check Point
is coming up with QoS based on user authentication soon. Not sure if they have
a notion of soft session though, which is important, and useful in my scenario.
The approach I am suggesting is mainly inspired by RSVP, but without any
explicit signaling, and state maintenance in the form of periodic updates.
A simple authentication mechanism with a provision for dynamic updation of
filters within Linux TC, hopefully, is all that is required to accomplish the
intended task. Presently, I am looking at conventional internet access without
any configured VPN.
> --On Saturday, February 23, 2002 12:57:23 PM +0530 SVR Anand
> <anand@xxxxxxxxxxxxxxxxx> wrote:
> ...sure an very offtopic answer, but perhaps interesting.
> I've heard this week that commercial firewall Check Point FW-1 Next
> Generation Flood Gate will (already or soon) support QoS based on
> User Authentication combined with VPN.
> The only Linux related things:
> * you can install the firewall (even flood gate) on Linux systems
> using kernel 2.4.x
> * a commandline VPN client will be availabe Q2 or so (but don't if
> here the QoS is supported.