Are you running nessus on another host? Is the block you want to set up only for the FORWARD table? Does the DHCP server exist on the firewall host?
Try blocking all of the DHCPed IPs and then, after they pass the tests, unblock them one at a time. The [1]trick is to keep arping or pinging these hosts to see when they go down. I think overall this will be better and easier to set up.

1. Do this with a cron script that parses the output of "iptables -L ?-t FORWARD?".

--- Daniel Walther <[EMAIL PROTECTED]> wrote:
> Hello Mike
>
> Thanks for your answer. I have to have the information from the DHCP
> server at the moment it serves the client with the ip address. I have to
> block this ip address in the same moment. And after the security check
> with nessus I should be able to unblock this ip address.
> Is there any solution?
>
> Regards
> Daniel
>
> -----Original Message-----
> From: Mike Mestnik [mailto:[EMAIL PROTECTED]
> Sent: Sunday, 6 June 2004 18:46
> To: Daniel Walther; [email protected]
> Subject: Re: DHCP and iptables
>
> You can write any program to parse the dhcp.leased file. There is
> already an example that I can think of, "dnsmasq". What you do with the
> info after is your own biz; I say use ssh to exec iptables cmds remotely.
>
> --- Daniel Walther <[EMAIL PROTECTED]> wrote:
> > Hello list
> >
> > I'm trying to get all information from the DHCP service. And after I
> > received the IP address I want to dynamically block this address. After
> > a security check with nessus it should be possible to unblock this
> > address. So I can check all my clients with a special security policy.
> >
> > Is there any possibility to get this information from the DHCP server
> > and afterwards to block it?
> > It would be great if someone can help me.
> >
> > Thanks in advance.
> >
> > Regards
> > Daniel
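
Added example, not part of the original thread: a sketch of the lease-file approach discussed above, reconciling active DHCP leases against existing FORWARD DROP rules and a set of addresses that have passed scanning. It assumes ISC dhcpd's dhcpd.leases syntax and `iptables -S FORWARD` output; the function names, the sample data and the (IP, MAC) "cleared" set are hypothetical, and clearance is keyed on the MAC so a reassigned address is blocked again.

```python
import re
from datetime import datetime

# Constructed sample in ISC dhcpd.leases syntax (assumed format; times are UTC).
SAMPLE_LEASES = """
lease 192.168.1.10 { starts 0 2004/06/06 16:00:00; ends 0 2004/06/06 22:00:00;
  binding state active; hardware ethernet 00:00:5e:00:53:0a; }
lease 192.168.1.11 { starts 0 2004/06/06 16:05:00; ends 0 2004/06/06 22:05:00;
  binding state active; hardware ethernet 00:00:5e:00:53:0b; }
lease 192.168.1.12 { starts 0 2004/06/06 10:00:00; ends 0 2004/06/06 12:00:00;
  binding state free; hardware ethernet 00:00:5e:00:53:0c; }
"""
# Constructed sample of `iptables -S FORWARD` output.
SAMPLE_RULES = """-P FORWARD ACCEPT
-A FORWARD -s 192.168.1.10/32 -j DROP
-A FORWARD -s 192.168.1.12/32 -j DROP
"""

LEASE_RE = re.compile(r"lease\s+(\d+\.\d+\.\d+\.\d+)\s*\{(.*?)\}", re.S)

def active_leases(text, now):
    """Map IP -> MAC for leases whose latest entry is active and unexpired."""
    found = {}
    for ip, body in LEASE_RE.findall(text):
        ends = re.search(r"ends\s+\d+\s+([\d/]+ [\d:]+);", body)
        mac = re.search(r"hardware ethernet ([0-9a-f:]+);", body, re.I)
        active = re.search(r"^\s*binding state active;", body, re.M)
        # "ends never" or a missing end time counts as live (fail closed).
        live = not ends or datetime.strptime(ends.group(1), "%Y/%m/%d %H:%M:%S") > now
        found.pop(ip, None)  # later entries for the same IP override earlier ones
        if active and live:
            found[ip] = mac.group(1).lower() if mac else ""
    return found

def blocked_ips(rules):
    """Source addresses that already have a DROP rule in FORWARD."""
    return set(re.findall(r"^-A FORWARD -s (\S+?)(?:/32)? -j DROP$", rules, re.M))

def plan(leases, rules, cleared, now):
    """Return iptables commands: block unscanned leases, unblock cleared ones."""
    active = active_leases(leases, now)
    want = {ip for ip, mac in active.items() if (ip, mac) not in cleared}
    have = blocked_ips(rules)
    cmds = [f"iptables -I FORWARD -s {ip} -j DROP" for ip in sorted(want - have)]
    # Only unblock addresses with a live, cleared lease; stale blocks stay in place.
    cmds += [f"iptables -D FORWARD -s {ip} -j DROP" for ip in sorted((have & set(active)) - want)]
    return cmds

if __name__ == "__main__":
    print("\n".join(plan(SAMPLE_LEASES, SAMPLE_RULES, {("192.168.1.10", "00:00:5e:00:53:0a")}, datetime(2004, 6, 6, 18, 0))))
```

The commands are returned as strings so they can be reviewed or sent to the firewall host over ssh, as suggested in the thread.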

