|
Bind IP address using MAC
Dear Friends ,
I want to Bind the Host IP address with MAC address using squid in Linux 4.0 . Is it possible to do ? Or tell me another way(if any), How can I bind a ip address with a MAC address for internet browsing security? |
Quote:
Code:
acl bad_mac arp 12:34:56:78:91:01Code:
iptables -A INPUT -s 192.168.123.123 \ |
Quote:
|
Quote:
|
Quote:
|
Please explain any part of this question.
If you mean "Bind" as in "DNS and Bind", then I can't get beyond the slightest notion of what you are talking about; if you mean "Bind" as in associate one with the other, I don't see why squid, a caching program, would be what you want, unless you mean something more like "block/control web browsing by Mac address" which isn't really binding. What on earth do you mean by "Linux 4.0"? If Linux is anything, its the kernel of an OS, and its currently at 2.6.twenty-something. My current guess at progress would leave 4.0 coming out in, say, 40 to 100 years (the new arangement with version numbering having thrown a spanner in the works of progress estimation). If, on the other hand, you claim to be a person from the future, it would be nice if you could confirm that by telling me the winners of this year's (it is currently 2008) UK FA Cup and Formula 1 series (both driver's and manufacturer's, please). There is no guarantee that I won't be asking about horse races too, so you might want to find out how you can access historic horse racing results from Aug 2008 onwards, thanks. Alternatively, if you mean 4.0 of some particular distro: It would be a help if you could give a hint as to which that is, there being well over a hundred of them, all of which have their own unique numbering/naming scheme. My guess, if you are using a popular distro like Fedora, Ubuntu or OpenSuSE, you are well out of date and you probably should get something more convincingly this century before proceeding. Maybe, if its Debian or RHEL its not that bad. If you do just mean blocking some particular piece of networking hardware, be aware that MAC addresses can be spoofed. I think I would want to call the degree of difficulty here 'hacker-trivial', but it does depend on circumstances. And there will be people/known threats that can't even rise to that level of difficulty. If, in spite of that you still want to proceed, I think you should think in terms of only opening one port in your firewall to the internal network - 3128 is the default for squid (and the firewall is where I'd do the mac address matching, but I didn't know the detail posted by win32sux) and only allow packets that come through squid out to the wider world. But you have to have the correct hardware set up for this, and that's something else where further info is needed. But, as I say, mac addresses aren't foolproof and if you have the wrong hardware arrangement it hardly does any blocking at all. |
MAC address binds with ip address
Thx Win32Sux ,
Actually I just want to this thing what u have to said . If there any mistake in my question then i m sorry . I have another question . Follwing ur advice , I can now easily bind(or add) an ip address with its MAC address so that a particular user (who holds that IP ) can browse only. Other user cannot . But its true that , It is very easy to change the MAC address in windows platform as well as Linux platform . In this situation , How can I make strong protection from unautorized internet browsing . Plz give me some ideas . Thx .. ... |
Quote:
Quote:
|
| All times are GMT -5. The time now is 02:28 AM. |