  1. #1
    Just Joined!
    Join Date
    Dec 2004
    Location
    Oakland, Ca
    Posts
    2

    Matching MAC addresses to IP numbers


    Hi,

    I have a network behind a firewall using IP tables and Squid w/squidGuard. I have access tables that only let certain IP numbers outside access and a white list for what everyone else can do. The problem is, a couple of guys think they know something about Windows and change the IP number temporarily to someone's that has full access. We've noticed this when that person gets the error message that his IP number is already being used on the network.

    I'm running Fedora 6, and what I would really like to do is be able to match the MAC address to an associated IP address from a table in a file before deciding what to do with the packet.

    I know these guys have no idea about what's going on outside of the Windows network interface.

    Thanks
    Todd

  2. #2
    Linux Newbie framp's Avatar
    Join Date
    Jul 2006
    Location
    Stuttgart, Germany
    Posts
    240
    Try iptables and drop ip addresses which don't use the right mac address.
    "Really, I'm not out to destroy Microsoft. That will just be a completely unintentional side effect." Linus Benedict Torvalds

  3. #3
    Just Joined!
    Join Date
    Dec 2004
    Location
    Oakland, Ca
    Posts
    2
    Hi framp,

    That's exactly what I'd like to do. The problem is I don't know how to implement that. Where do I put the information that associates an IP number to its corresponding MAC address?

    Also, how do I tell iptables to use this info and compare the two?

    Thanks much

    Todd

  4. #4
    Linux Newbie framp's Avatar
    Join Date
    Jul 2006
    Location
    Stuttgart, Germany
    Posts
    240
    It's an interesting problem. So I just did some quick tests. I tried
    Code:
    iptables -I INPUT -i nic0 -s 192.168.0.6 -m mac --mac-source 00:50:fc:a6:f1:06 -j DROP
    The two conditions are ANDed, i.e. if the client has 192.168.0.6 AND mac 00:50:fc:a6:f1:06 the condition fires.

    So you have to have one ACCEPT rule for every ip/mac pair and finally a DROP rule for everything else. That should work.
    "Really, I'm not out to destroy Microsoft. That will just be a completely unintentional side effect." Linus Benedict Torvalds

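One way to build the rule set described in the last reply (one ACCEPT per IP/MAC pair, then a final DROP) from a table kept in a file, as the original question asked. This is an added example, not part of the original thread; the table format and the names `sample_table` and `gen_rules` are assumptions, and the script prints the commands for review instead of running them.

```shell
#!/bin/sh
# Added example: turn an IP/MAC table into iptables commands (printed, not run).
# Assumed table format: "IP MAC" per line; lines starting with '#' are comments.

# Constructed sample table; the first pair is the one used in the post above.
sample_table() {
cat <<'EOF'
# ip           mac
192.168.0.6    00:50:fc:a6:f1:06
192.168.0.7    00:50:FC:A6:F1:07
192.168.0.8    not-a-mac
EOF
}

# gen_rules IFACE [CHAIN]: reads the table on stdin, writes rules to stdout.
# Malformed lines are reported on stderr and skipped; returns 1 if any were seen.
# Rules use -A (append) so the ACCEPT lines stay ahead of the final DROP.
gen_rules() {
    iface=$1 chain=${2:-INPUT} bad=0
    oct='(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])'
    hex='[0-9A-Fa-f][0-9A-Fa-f]'
    # "|| [ -n "$ip" ]" keeps a last line that has no trailing newline.
    while read -r ip mac rest || [ -n "$ip" ]; do
        case $ip in ''|'#'*) continue ;; esac
        if [ -z "$rest" ] &&
           printf '%s\n' "$ip"  | grep -Eq "^$oct(\.$oct){3}\$" &&
           printf '%s\n' "$mac" | grep -Eq "^$hex(:$hex){5}\$"; then
            # Both conditions are ANDed: source IP and source MAC must match.
            echo "iptables -A $chain -i $iface -s $ip -m mac --mac-source $mac -j ACCEPT"
        else
            echo "skipped malformed line: $ip $mac $rest" >&2
            bad=1
        fi
    done
    # Anything arriving on this interface that matched no pair is dropped.
    echo "iptables -A $chain -i $iface -j DROP"
    return $bad
}

# Demo on the constructed table, using the interface name from the post.
sample_table | gen_rules nic0 INPUT || echo "table contains malformed lines" >&2
```

The `mac` match only sees the source MAC of hosts on the directly attached Ethernet segment, and a MAC address can be changed on the client just as an IP address can, so this stops casual address changes but is not authentication.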