LinuxQuestions.org

Linux - Security: how to reject connections which come from unknown mac address? (http://www.linuxquestions.org/questions/linux-security-4/how-to-reject-connections-which-come-from-unknown-mac-address-716000/)

Winanjaya 04-01-2009 04:43 AM

how to reject connections which come from unknown mac address?
 
Dear All,

I have a file (list_macs) that contains a list of MAC addresses. How do I reject connections which come from an unknown MAC address?

please help

thanks & regards
Winanjaya

datopdog 04-01-2009 04:56 AM

use iptables for that.

win32sux 04-01-2009 05:07 AM

Assuming that list_macs contains one MAC address per line (and nothing else), here's an example:
Code:

# one MAC per line in /etc/list_macs; read the file directly instead of via cat
while read -r mac; do
  [ -n "$mac" ] || continue          # skip blank lines
  iptables -A INPUT -i eth0 -m mac --mac-source "$mac" -j ACCEPT
done < /etc/list_macs
# anything else arriving on eth0 is rejected
iptables -A INPUT -i eth0 -j REJECT

Keep in mind MACs only work inside Ethernet LANs.

Winanjaya 04-01-2009 08:57 PM

Hi..
But how do I store it in /etc/sysconfig/iptables?

please advise

thanks & regards
Winanjaya

win32sux 04-02-2009 05:48 AM

Quote:

Originally Posted by Winanjaya (Post 3495562)
But how do I store it in /etc/sysconfig/iptables?

If you're on a Red Hat-based distro, use:
Code:

service iptables save
Otherwise, use:
Code:

iptables-save > /etc/sysconfig/iptables
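The two replies above (a per-MAC ACCEPT loop followed by a catch-all REJECT, then saving the result to /etc/sysconfig/iptables) can be combined into one script that writes the ruleset directly in the format iptables-save produces and iptables-restore reads. This is an added example, not code from the thread: it assumes the list path and interface are passed as arguments, that blank lines and '#' comments are allowed in the list, accepts ':' or '-' separators in any case, and reports malformed entries on stderr instead of handing them to iptables. The demo at the end uses the two MACs that appear later in the thread's dhcpd.conf.

```shell
#!/bin/sh
# Added example (not from the thread): build an iptables-restore ruleset from a
# MAC whitelist file. Assumed conventions: one MAC per line, blank lines and
# '#' comments allowed, ':' or '-' separators, any case. Malformed entries are
# reported on stderr and skipped instead of being passed to iptables.

# is_mac STRING -> exit 0 if STRING is six hex pairs joined by ':' or '-'
is_mac() {
    printf '%s\n' "$1" | grep -Eq '^[0-9A-Fa-f]{2}([:-][0-9A-Fa-f]{2}){5}$'
}

# norm_mac STRING -> same MAC with ':' separators and upper-case hex, the
# spelling iptables-save itself emits (so diffs against a saved file are clean)
norm_mac() {
    printf '%s\n' "$1" | sed 'y/abcdef-/ABCDEF:/'
}

# build_mac_rules LIST_FILE IFACE -> iptables-restore text on stdout:
# ACCEPT for each listed MAC on IFACE, then REJECT everything else on IFACE.
build_mac_rules() {
    list="$1"
    iface="$2"
    printf '*filter\n'
    printf ':INPUT ACCEPT [0:0]\n:FORWARD ACCEPT [0:0]\n:OUTPUT ACCEPT [0:0]\n'
    # '|| [ -n "$line" ]' also processes a last line that lacks a newline
    while IFS= read -r line || [ -n "$line" ]; do
        mac="${line%%#*}"                               # drop trailing comment
        mac="$(printf '%s' "$mac" | tr -d ' \t\r')"     # and whitespace / CRLF
        [ -n "$mac" ] || continue                       # blank or comment-only line
        if is_mac "$mac"; then
            printf '%s\n' "-A INPUT -i $iface -m mac --mac-source $(norm_mac "$mac") -j ACCEPT"
        else
            printf 'skipping malformed entry: %s\n' "$line" >&2
        fi
    done < "$list"
    printf '%s\n' "-A INPUT -i $iface -j REJECT"
    printf 'COMMIT\n'
}

# Demo on a constructed list holding the two MACs from the dhcpd.conf later in
# the thread. Real use: build_mac_rules /etc/list_macs eth0 > /etc/sysconfig/iptables
demo_list="$(mktemp)"
printf '00:90:4B:6D:97:59   # appio-wireless\n00-90-3d-93-ad-3e\n' > "$demo_list"
build_mac_rules "$demo_list" eth0
rm -f "$demo_list"
```

Write the output to /etc/sysconfig/iptables and load it with iptables-restore. Every rule is bound to -i eth0, so traffic on other interfaces (including lo) is untouched; the catch-all REJECT means the list must be complete before the ruleset is loaded over a remote session, or the session itself will be cut.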

Winanjaya 04-05-2009 01:46 AM

Can I use the "deny unknown-clients" option in /etc/dhcpd.conf for this? I mean, I don't want my DHCP server to give IPs to unknown clients.


deny unknown-clients;
option domain-name-servers 172.16.1.3;
default-lease-time 600;
max-lease-time 7200;

...
...
...

host appio-wireless {
    hardware ethernet 00:90:4B:6D:97:59;
}
host appio-wired {
    hardware ethernet 00:90:3D:93:AD:3E;
}


please help

thanks & regards
Winanjaya

win32sux 04-05-2009 09:40 AM

If you're using ISC DHCP, iptables wouldn't work anyways since ISC DHCP uses a RAW socket. At least, that's how it worked last time I used ISC DHCP. Someone please correct me if things have changed. And yes, it's very common to specify in dhcpd.conf the MACs you wish to provide service to. Keep in mind that MACs are easily sniffed/spoofed, though.
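Driving dhcpd.conf from the same list_macs file, as an added example that is not code from the thread: it prints the global deny unknown-clients; directive followed by one host block per MAC, which is the layout the question shows. Assumptions: a list line may carry an optional second field used as the host name, otherwise a name is derived from the MAC; malformed entries and duplicates are reported on stderr and dropped, since two host declarations for the same hardware address are almost certainly a mistake in the list. As the reply above notes, this still filters only on a spoofable identifier.

```shell
#!/bin/sh
# Added example (not from the thread): emit an ISC dhcpd.conf fragment from the
# same one-MAC-per-line list. Assumed conventions: a line may carry an optional
# second field used as the host name ("MAC NAME"); otherwise the name is derived
# from the MAC. Malformed and duplicate entries go to stderr and are dropped.

# gen_dhcpd_hosts LIST_FILE -> 'deny unknown-clients;' plus one host block per MAC
gen_dhcpd_hosts() {
    list="$1"
    seen=""
    printf 'deny unknown-clients;\n'
    while IFS= read -r line || [ -n "$line" ]; do
        entry="${line%%#*}"                       # drop trailing comment
        set -- $entry                             # split into MAC [NAME]
        [ $# -ge 1 ] || continue                  # blank or comment-only line
        mac="$(printf '%s\n' "$1" | sed 'y/abcdef-/ABCDEF:/')"   # dhcpd's usual spelling
        if ! printf '%s\n' "$mac" | grep -Eq '^[0-9A-F]{2}(:[0-9A-F]{2}){5}$'; then
            printf 'skipping malformed entry: %s\n' "$line" >&2
            continue
        fi
        case " $seen " in
            *" $mac "*) printf 'skipping duplicate: %s\n' "$mac" >&2; continue ;;
        esac
        seen="$seen $mac"
        derived="host-$(printf '%s' "$mac" | tr ':' '-')"   # fallback name
        name="${2:-$derived}"
        printf 'host %s {\n    hardware ethernet %s;\n}\n' "$name" "$mac"
    done < "$list"
}

# Demo on a constructed list (names and MACs taken from the thread's dhcpd.conf).
# Real use: gen_dhcpd_hosts /etc/list_macs >> /etc/dhcpd.conf (then check the
# result with dhcpd -t before restarting the service).
demo_list="$(mktemp)"
printf '00:90:4B:6D:97:59 appio-wireless\n00:90:3D:93:AD:3E appio-wired\n' > "$demo_list"
gen_dhcpd_hosts "$demo_list"
rm -f "$demo_list"
```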

