Is this possible with a dns server?

[cheesecake42]

Long story short, I cannot use wireless security on my home network so I have to block mac addresses on my router on a daily basis. Basically what I want to do is set an IP address range for dhcp on my router and set my home computers with static IP's. I want to set up a local DNS server to point my router to and allow full access to my static ip's and direct all traffic from the dhcp range to a single page. Is this possible?

[Lazydog]

Don't think this will work with DNS but you might be able to setup a proxy server that only allows your static ip to pass while redirecting everything else to a banner web page. Then setup the firewall to redirect all web requests to the proxy.

Sorry I don't know how to setup a proxy for this just know how they work.

[Roxoff]

Ok, here's a few thoughts of mine:

- Can you not set your router to deny all access and only allow the MAC addresses you specify?

- If you're going to use static IP's, and restrict access to that static range, then why do you need DHCP at all?

- You can set your DHCP server to hand out the same IP address to a MAC address every time, so you'd effectively have a static assignment, but handed out by a DHCP service.

- If you relied on static assignments, people could still use your lan by using one of the static assignments you've allocated to another machine.

There are plenty of resources on DHCP floating around, try some of these:

RedHat Linux DHCP
Linux Home Networking's howto
A simpler guide at Troubleshooters.com

There are plenty more if you google DHCP and Linux. Likewise DNS is very well documented. The limitations you want to apply to the LAN are sorted out by IPTables, and again this is another very well documented area.

[cheesecake42]

thanks for the resources roxoff. the main reason i want to keep using dhcp is to try and have some fun with people getting onto my network.

[Lazydog]

Well if that is all you want to do then setup iptables to redirect all traffic on those IP Addresses to a single destination.

Maybe setup the rules to drop all traffic form those ip's and only allow port 80 which is redirected.