One customer asked me about the possibility of install in an iptables based firewall some sort of solution (perhaps a proxy) it could add/delete rules based on users login into a SMB(Samba/NT) server. He want to grant or deny access to Internet (TCP/IP) based on authenticated users, not the IP or MAC. It's not a bad idea, but I don't know if it even exists... I've googled and found nothing about this kind of solution. Anyway, I told him I could check it out, and... here I am. :-)