Hi, I have a MS ISA Server in my network which is used solely for controlling Internet access. For Windows workstations, it has an installable client that transparently authenticates users with the server using their Active Directory credentials, given when logging on. I'm migrating several machines in the network to linux, and would like a similar solution to control Internet access for linux clients. I've read about squid authenticating against an LDAP base, but only for HTTP access. Is there a linux based solution for controlling Internet access by user and by protocol? For example, I want it to be possible to configure it so that groupA would have access to POP3, SMTP, and HTTP, groupB would have access to MSN, FTP and a HTTP for a given group of domains, and so on. I was studying nufw (www.nufw.org), which seemed to solve my problem using an iptables module, but this site has been off-line for several weeks now :( If possible, I would like a linux based solution that would authenticate linux and windows users against an LDAP base (such as MS AD) and allow me to create filters based on LDAP users and groups. Or, at least, a way to configure linux to authenticate in MS ISA Server. TIA, Marcelo