reject certain mac-adresses
To not go to off-topic ill just put this in another post.
At a lan-party we have huge virus problems. Viruses that jam our router completly.
We have a linux-box as router and its running iptraf. Theoretically, (we havent tried it yet) Iptraf's monitor on sent packages from each mac adress connected to the box should go wild when someone starts playing with our internet. Can i somehow block those mac-adresses that are making trouble, so they wont reach the router that is jammed? Preferably they will only be denied to reach the other side of the linux box, because the linux box is running CS-servers +++
Our network looks like this:
ISP->Router->Linuxbox(eth1)->Linuxbox(eth0)->Core switch->Users and desk switches.
We dont mind the troublemakers accessing eth0, but we dont want them to get through into eth1 and to the router. Can this be done easily?