Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
07-14-2004, 07:14 AM
|
#1
|
LQ Newbie
Registered: Jul 2004
Location: Bucharest, Romania
Posts: 1
Rep:
|
linux router must grant internet acces based on MAC adresses
Hello everyones !
I must handle the following problem:
I have a medium network (>70 computers with fixed IP addresses), a cable modem internet connection and a linux router (P1/200MHz, 32MB ram, 3.2GB Hdd, cdrom, RHL 8).
Only 8 computers must use the internet connexion and the permission must be granted based on MAC address of their NICs, not by IP addresses (I have my reasons).
Can someone tell me how can I do that or point me to a site containing the adequate documentation ?
Thank You !
|
|
|
07-14-2004, 07:56 AM
|
#2
|
Member
Registered: Aug 2003
Distribution: Slackware, Evil Entity
Posts: 63
Rep:
|
If you have/or dont mind installing squid proxy server on the box squid can do permistions based on mac/ip/user and pass and a few others.
You will need to do a fair bit of reading but http://www.squid-cache.org
Also acts as a cache so things are saced for later use.
|
|
|
07-14-2004, 08:51 AM
|
#3
|
LQ Newbie
Registered: Jul 2004
Posts: 29
Rep:
|
I'd be interested in a pure linux routing solution without the need of squid or some other proxy service. With squid I'm only capable of limiting MAC to squid services (http, ftp and even other services) but not to base the whole routing (every ip paket on every port) on the MAC.
|
|
|
07-14-2004, 11:55 PM
|
#4
|
Senior Member
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791
Rep:
|
This post should give you a proper direction.
|
|
|
07-15-2004, 03:56 AM
|
#5
|
LQ Newbie
Registered: Jul 2004
Posts: 29
Rep:
|
Exactly what I was looking for. Should have taken a deeper look on iptables -m parameter myself. Thanks for the hint!
|
|
|
07-15-2004, 06:48 AM
|
#6
|
Member
Registered: Sep 2002
Location: lahore pakistan
Distribution: slackware,redhat, FreeBSD,openbsd
Posts: 219
Rep:
|
filtering on mac address isnt a good idea.
now a days mac addresses can be easily changed thats why good firewalls like Packet Filter havent any option to filter on mac address.
as ur all clients are on same lan any one can learn all macs very easily.
better to make vpn server or pppoe server for username password based authentication.
|
|
|
07-15-2004, 06:56 AM
|
#7
|
LQ Newbie
Registered: Jul 2004
Posts: 29
Rep:
|
Filtering on MAC isn't a good idea as long as you don't use other security options - but in addition I think this is a quite good thing to do.
|
|
|
All times are GMT -5. The time now is 09:05 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|