Hello All, As if you haven't been hearing enough from me recently - here another "nearly newbie" question:
I want to stop people on one of my interfaces (you guessed it - eth2/lan2) from connecting to the Ethernet outside of office hours. I don't know if it would be better to block by IP or MAC - Most users are using DHCP so I could block the whole dhcp-range. But at least one user knows what they are doing and could reset their PC with a fixed IP. I would notice if this happens but in order to block them again I would be chasing them through the network and at some point they are going to pick an IP that conflicts with something important. With the MAC I know which PC/User it is and "basta" they are blocked. I thought one way to do this is set up the mac-address-filter firewall plugin and then have a cron job to switch the mac-address file and restart the firewall. So my questions are: 1. What does this mean: # Specify here the port(s) you want to SSH checks to apply to # ------------------------------------------------------------------------------ MAC_ADDRESS_IF="$INT_IF" "... you want to SSH checks to apply to" ??? Why SSH? Does this plugin _only_ stop SSH? If so, why should anyone only want to stop SSH by mac address? And, if it is only dropping port 22 traffic it should be possible to "hack" the script so that this plugin checks/blocks all ports. Could someone [Lonnie again? :-)] tell me where this plugin script file is located please. Thanks in advance, -Graham- ------------------------------------------------------------------------------ Centralized Desktop Delivery: Dell and VMware Reference Architecture Simplifying enterprise desktop deployment and management using Dell EqualLogic storage and VMware View: A highly scalable, end-to-end client virtualization framework. Read more! http://p.sf.net/sfu/dell-eql-dev2dev _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
