LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 03-17-2015, 12:47 AM   #1
NM04
Member
 
Registered: Jan 2011
Distribution: Back Track,Fedora,centos
Posts: 240

Rep: Reputation: 14
how to map MAC with IP


Dear Experts,
I have a problem, its like in my network there are around 5k users behind a proxy(or may be more), all are allotted static ip addresses manually, now some users change their IP address and create problems for us and other users as well, is there a way by which no one can change IP and even if someone changes it his/her internet access should be blocked by proxy.

thanks & regards,
nm

Last edited by NM04; 03-17-2015 at 02:04 AM.
 
Old 03-17-2015, 01:45 AM   #2
JJJCR
Senior Member
 
Registered: Apr 2010
Posts: 2,175

Rep: Reputation: 449Reputation: 449Reputation: 449Reputation: 449Reputation: 449
check out this link: http://www.tuxgarage.com/2011/01/how...c-address.html


from link above:

How to Bind IP Address to MAC Address using DHCP3-SERVER

dhcp3-server, as obvious from the name is a DHCP server that serves DHCP requests on the defined network interfaces. If you want a specific IP to be remembered for a specific machine, you can bind the IP address to the MAC address of that machine. The lease won't expire in that case.

Edit /etc/dhcp3/dhcpd.conf

sudo nano /etc/dhcp3/dhcpd.conf

And paste these lines in that file just above the last bracket '}'.

host username {
hardware ethernet 00:30:05:cf:a2:b7;
fixed-address 192.168.2.10;
}

Replace username with whatever username. hardware ethernet is the MAC address of the NIC in that computer and fixed address is the intended IP address. Repeat the process for as many IP addresses as you want to bind.

Your dhcpd.conf should look like this.


dhcpd.conf

Save and close the file after making changes. Now, restart dhcp3-server.

sudo service dhcp3-server restart

You can use ifconfig command in Ubuntu to find out the mac address or ipconfig /all in Windows.
 
Old 03-17-2015, 02:10 AM   #3
NM04
Member
 
Registered: Jan 2011
Distribution: Back Track,Fedora,centos
Posts: 240

Original Poster
Rep: Reputation: 14
Dear JJJCR,
Thank you for your suggestion but I dont have a DHCP in my n/w also I have more than 5000 users, entering for every individual in the dhcpd.conf isn't it a bit hard working!! could you please suggest some other concept or tool or software which automates this kind of process.

Thanks & Regards,
nm
 
Old 03-17-2015, 03:09 AM   #4
JJJCR
Senior Member
 
Registered: Apr 2010
Posts: 2,175

Rep: Reputation: 449Reputation: 449Reputation: 449Reputation: 449Reputation: 449
If you don't have DHCP in your network, how your devices are getting IP Addresses?

Do you mean you don't have control on your DHCP?

Of course it can be automated, but you need to give more info.
 
Old 03-17-2015, 03:13 AM   #5
T3RM1NVT0R
Senior Member
 
Registered: Dec 2010
Location: Internet
Distribution: Linux Mint, SLES, CentOS, Red Hat
Posts: 2,385

Rep: Reputation: 477Reputation: 477Reputation: 477Reputation: 477Reputation: 477
As you said that you are using static IP for all the machine, would like to know how they access the internet? Do you have proxy server in place? If not then controlling the traffic (incase user changes the IP which is the case with you) will be a mess. However, if you do use proxy and if it is squid then you can follow: http://www.sohailriaz.com/how-to-bin...h-ip-in-squid/
 
Old 03-17-2015, 03:18 AM   #6
JJJCR
Senior Member
 
Registered: Apr 2010
Posts: 2,175

Rep: Reputation: 449Reputation: 449Reputation: 449Reputation: 449Reputation: 449
ah sorry miss it out..you have static IP Addresses.

Then T3RMINVTOR is right, how they access the internet?

You can check the arp table for that particular device or software to get the list of MAC Addresses.

if you using squid, check out this thread:
http://www.linuxquestions.org/questi...-proxy-730349/

Last edited by JJJCR; 03-17-2015 at 03:21 AM. Reason: edit
 
Old 03-17-2015, 03:32 AM   #7
NM04
Member
 
Registered: Jan 2011
Distribution: Back Track,Fedora,centos
Posts: 240

Original Poster
Rep: Reputation: 14
T3RMINVTOR,
yes I do have squid proxy and it asks for authentication for internet access, I also have VLANs in place will it work for VLANs & subnets?

thanks & regards,
nm

Last edited by NM04; 03-17-2015 at 03:34 AM.
 
Old 03-17-2015, 04:05 AM   #8
T3RM1NVT0R
Senior Member
 
Registered: Dec 2010
Location: Internet
Distribution: Linux Mint, SLES, CentOS, Red Hat
Posts: 2,385

Rep: Reputation: 477Reputation: 477Reputation: 477Reputation: 477Reputation: 477
It should work. I mean I haven't been in a situation where I had to handle 5000 static IPs manually. I always prefer to go with DHCP in such large infra as it is easy to push settings and you have more control. Anyways there might be some specific requirement and that is the reason you are using static IPs on client.

So yes you can give it a try on a set of 10-20 machines including machines from different subnet and test how it works. If all goes well you can roll that out.
 
Old 03-17-2015, 04:13 AM   #9
NM04
Member
 
Registered: Jan 2011
Distribution: Back Track,Fedora,centos
Posts: 240

Original Poster
Rep: Reputation: 14
T3RMINVTOR,
I tried the 1st command its not working for me, I mean after execution the txt file is empty, but "arp -a" shows the list.

regards,
nm
 
Old 03-17-2015, 09:04 AM   #10
T3RM1NVT0R
Senior Member
 
Registered: Dec 2010
Location: Internet
Distribution: Linux Mint, SLES, CentOS, Red Hat
Posts: 2,385

Rep: Reputation: 477Reputation: 477Reputation: 477Reputation: 477Reputation: 477
Yes you are right. I checked the syntax and appears to be something wrong. Instead execute it following way:

1.
Code:
for i in `seq 1 10`; do ping -c 1 192.168.1.$i; arp -n 192.168.1.$i | grep -v Address | grep -v incomplete >> ip-mac.txt; done
This will create the file ip-mac.txt. Against that file run the following command:

2.
Code:
cat ip-mac.txt | awk '{print $1"    "$3}';
 
1 members found this post helpful.
Old 03-18-2015, 01:47 AM   #11
NM04
Member
 
Registered: Jan 2011
Distribution: Back Track,Fedora,centos
Posts: 240

Original Poster
Rep: Reputation: 14
T3RMINVTOR,
sorry to bother you again ! command worked as you modified it now 2nd is not working, it errors at 'cut"":no such file or directory'

regards,
nm
 
Old 03-18-2015, 02:05 AM   #12
T3RM1NVT0R
Senior Member
 
Registered: Dec 2010
Location: Internet
Distribution: Linux Mint, SLES, CentOS, Red Hat
Posts: 2,385

Rep: Reputation: 477Reputation: 477Reputation: 477Reputation: 477Reputation: 477
From where did cut come in picture I am running cat <filename> | awk '{print $1" "$3}'; . What command did you execute could you please let me know or paste the output of the command and the error from the terminal itself.

Last edited by T3RM1NVT0R; 03-24-2015 at 12:22 AM.
 
Old 03-18-2015, 03:39 AM   #13
NM04
Member
 
Registered: Jan 2011
Distribution: Back Track,Fedora,centos
Posts: 240

Original Poster
Rep: Reputation: 14
command not from this thread, 2nd command in the link provided by you which is ::

Code:
cat ip-mac.txt | while read a; do b=`echo $a | cut -f 2 -d "   "; echo acl mac$i arp $b >> squid-mac-filter.txt; i=`expr $i + 1`; done
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory
cut: : No such file or directory

Last edited by NM04; 03-18-2015 at 03:40 AM.
 
Old 03-18-2015, 10:59 AM   #14
T3RM1NVT0R
Senior Member
 
Registered: Dec 2010
Location: Internet
Distribution: Linux Mint, SLES, CentOS, Red Hat
Posts: 2,385

Rep: Reputation: 477Reputation: 477Reputation: 477Reputation: 477Reputation: 477
There is some issue with the syntax that the author has used. You can follow the following steps:

1.
Code:
for i in `seq 1 10`; do ping -c 1 192.168.1.$i; arp -n 192.168.1.$i | grep -v Address | grep -v incomplete >> ip-mac.txt; done
2.
Code:
cat ip-mac.txt | awk '{print $1"    "$3}' > ip-mac-new.txt
3.
Code:
i=1; cat ip-mac-new.txt | while read a; do b=`echo $a | cut -d " " -f 2 `; echo "acl mac$i arp $b" >> squid-mac-filter.txt; i=`expr $i + 1`; done
4.
Code:
i=1; cat ip-mac.txt | while read a; do b=`echo $a | cut -d " " -f 1`; echo "acl ip$i src $b" >> squid-ip-filter.txt; i=`expr $i + 1`; done
5.
Code:
for i in `seq 1 10`; do echo "http_access allow mac$i ip$i" >> http-access-squid.txt; done
The above commands should do, I have tested it on my system.
 
1 members found this post helpful.
Old 03-23-2015, 12:57 AM   #15
NM04
Member
 
Registered: Jan 2011
Distribution: Back Track,Fedora,centos
Posts: 240

Original Poster
Rep: Reputation: 14
T3RMINVTOR,
Thanks a lot your suggestion worked for me. Now I am trying to make it work for subnets, actually trying to modify the very first command for different subnets and tried it with nested for loop but failed, could you suggest something for that. for eg. my network address is 192.168.0.0 mask 255.255.0.0, how can I get that 1st command to work for me ??

Thanks & regards
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Bind IP address using MAC shipon_97 Linux - Newbie 7 08-03-2008 01:45 PM
Bind Mac with Ip address shipon_97 Linux - Newbie 5 11-23-2007 12:14 AM
Bind ip with mac address sunlinux Linux - Networking 5 08-10-2007 01:23 AM
how to bind MAC with IP sapheroth Linux - Networking 3 05-07-2007 10:40 PM
how to bind IP with MAC sapheroth Linux - Networking 5 09-19-2006 01:25 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 05:29 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration