LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page Can I deny access based on mac or IP address with shorewall?
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 06-02-2005, 10:37 AM   #1
enigma_0Z
Member
 
Registered: Apr 2005
Distribution: Ubuntu, RHEL, Darwin
Posts: 72

Rep: Reputation: 15
Can I deny access based on mac or IP address with shorewall?

I've got a rather successful wireless router set up on my gentoo box, but something troubles me. Right now, I've got a pcmcia adapter card in it, and a pcmcia wifi card providing wifi access in ad-hoc mode...

This is, of course, inherently insecure, so how could I set up shorewall to deny access to all mac or IP addresses other than the ones I specify?

I've got a manual ip addressing scheme, so that won't be a problem...

for instance, the router is on 10.0.0.1,

Joe with a mac address of 123 can only connect to the router using IP 10.0.0.100/8
Bob with a mac address of 234 can only connect to the router using IP 10.0.0.110/8
Me, with a mac address of 345 can only connect to the router using IP 10.0.0.101/8
Fred, my next door neighbor has an unknown mac addreses and can't connect to my PC and packets are dropped before routing to the internet. That way he can't even ssh into my machine

Is that setup possible with shorewall?
Last edited by enigma_0Z; 06-02-2005 at 10:39 AM.
 
Old 06-02-2005, 04:15 PM   #2
Jaxån
Member
 
Registered: Apr 2005
Location: Sweden
Distribution: Debian
Posts: 142

Rep: Reputation: 15
Yes it is. Read the manuals. They have a cenario like this described in there, I belive.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
restrict server access by mac address? stinkpot Linux - Software 4 11-22-2005 07:05 AM
MAC Address based hostname hogg85 Linux - Networking 2 06-13-2005 12:51 PM
restricting service based on mac address sixth_sense Linux - Networking 3 09-28-2004 08:59 PM
Get IP based on Mac address sunmiewon Linux - Networking 4 01-31-2004 06:18 PM
Deny access by IP address plisken Linux - Security 1 12-29-2001 10:11 PM


All times are GMT -5. The time now is 01:14 AM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
 
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration