Looking for suggestions.

**jlevpuckba** · 10-30-2008

Hi all,

Okay...here's what I am looking to do. I currently installed a Hardy Heron server with LAMP. On an all windows network, (which I am looking to change) I would like to make a server where a student goes to a webpage, enters his mac address and gives him an IP withing a given range. If possible, I would like to have then also match criteria during the capture, such as name and room number just to verify who is logging in. This will all be done through ethernet connections in their rooms (I work at a private school). I would like to make sure they are prohibited from plugging in their own wireless routers too.

As of now, our system works well, but it's a long process. We get every students mac address and manually set a reservation for them in the DHCP (Windows).

Any guidance and suggestions to get me looking in the right direction would be great. Thank you very much in advance.

***Roxoff*** · 10-30-2008

How are they going to get an IP address from a given range over a web page? They need the IP address before they can make the connection to the web server.

The service you're asking for is, indeed, DHCP. You can run this on a Linux server, it's dead easy.

**i92guboj** · 10-30-2008

Originally Posted by jlevpuckba

Hi all,

Okay...here's what I am looking to do. I currently installed a Hardy Heron server with LAMP. On an all windows network, (which I am looking to change) I would like to make a server where a student goes to a webpage, enters his mac address and gives him an IP withing a given range.

As the previous poster said, if they have no ip, they definitely can't connect to a web to get one.

If there's a real need to match a given mac<X> with a given ip<X>, then you have few options. One is what you have been doing until now. The other is to allow a few public terminals so they can apply for one faster.

Now, another thing: a well behaved dhcp server always gives the same mac the same ip, unless it runs out of ips in which case a reallocation is needed. You will not know the macs beforehand, though. But if all you need is a way to identify the machines just in case something odd happens, then this might be enough for you.

An alternate solution, would be to combine the second solution (public terminals) with an automated cronjob. You could instruct the users to send a mail from their school account to a given account, created just for this. In that mail they can put their macs, name, account, whatever you need to do the work.

Then a simple bash script run through cron every hour could modify the dhcp config file to add a new rule. You would need to test that before, if you screw up something things can go wrong.

I would like to make sure they are prohibited from plugging in their own wireless routers too.

If you mean like to put some censorship so they can't access networks on the external world, I'll not help with that.

**jlevpuckba** · 10-31-2008

If you mean like to put some censorship so they can't access networks on the external world, I'll not help with that.

Well, it's not an issue of accessing networks which they can do through their ethernet connections. It is more so they cannot connect rogue routers with dhcp enabled.

I'm trying to find the article I read. I can't remember if it was in a magazine or online, I read too much. Essentially what happens in the scenario is a student gets an IP address from "Server1". The student then goes to an Apache website from the same server and enters his name and room, where those criteria must match preset data. Once entered, the student is free to use the network. On the network side, the process captures his mac address along with the given ip. It may have said something about working along side a windows dhcp server, but I don't see how you could have two dhcp's.

It seems complicated yet possible. Don't know if this explains more or not. Thanks

**br0ken** · 11-03-2008

Originally Posted by i92guboj

An alternate solution, would be to combine the second solution (public terminals) with an automated cronjob. You could instruct the users to send a mail from their school account to a given account, created just for this. In that mail they can put their macs, name, account, whatever you need to do the work.

Then a simple bash script run through cron every hour could modify the dhcp config file to add a new rule. You would need to test that before, if you screw up something things can go wrong.

I think this sounds like a fairly simple and effective idea to try to accomplish what you are trying to do. The cronjob could put the MAC address sent by the students into the dhcp.conf file with a format something like this:

Code:

host Room-03 {
hardware ethernet 00:04:5A:FF:97:0D;
fixed-address 192.168.1.103;
}

that way, whenever the DHCP server sees that unique MAC address, it will assign it the determined IP address. We use something like this at work on our Linux samba domain with Windows workstations. Just make sure you don't have any duplicate MAC addresses or IP addresses for different computers because that will cause conflict and could prevent the computers affected from getting online at all. (I accidentally did this before and it wasn't pretty until it was fixed and everyone had time to calm down lol)

Thread Tools

Display

Looking for suggestions.

Posting Permissions