Re: [Masq] Associating a MAC adress with an IP

Wed, 28 Nov 2001 17:51:11 -0800 

/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! 
/* ALSO: Don't quote this header. It makes you look lame :-) */


If your router is a linux box as you have indicated doing masq:

        You could hardwire the arp cache with the mac addresses 
        from the lab.  That way stuff for a particular ip is
        going to be sent out on the ethernet interface to a particular
        mac address regardless of arp broadcasts and the like.

        man arp
         arp -s 129.152.157.180 00:C0:D0:6A:99:1E

hope this helps 

derek


On Wed, 28 Nov 2001, Olivier Michel wrote:

> Date: Wed, 28 Nov 2001 16:54:59 +0100
> From: Olivier Michel <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: [Masq]  Associating a MAC adress with an IP
> 
> /* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! 
> /* ALSO: Don't quote this header. It makes you look lame :-) */
> 
> 
> Hi !
> 
> I manage a few workstations in a student classroom. We have 24
> stations on the lan, and a Linux box that does masquerading with
> ipchains under a 2.2 kernel.
> 
> Everything runs fine, BUT, from time to time, a student takes the
> network cable out of the computer and plugs it into HIS computer. I do
> not want to allow this.
> 
> How could I forbid such behaviour ? The only thing I see is to
> associate an IP with the MAC adress of the computer and to refuse a
> packet that is coming from an IP adress that does not match the MAC
> adress it should have. Is this possible ? I detect the problems with
> arpwatch, but I'd also like to reject such bad traffic. Is it possible
> to do this using ipchains rules ? (or with netfilter and a 2.4 kernel
> ?)
> 
> Any ideas ?
> 
> Best regards,
> Olivier MICHEL
> 
> 

----------------------------------------------------------------
Derek Benson                     |   
Infrastructure Management        | Tel: +61 7 336 53959 
Information Technology Services  | Email: [EMAIL PROTECTED]
The University of Queensland     | http://www.its.uq.edu.au
================================================================

_______________________________________________
Masq maillist  -  [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ -- 
THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]

PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.

Reply via email to