/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */
Yes, but this does not prevent from someone using this IP adress with another NIC with a different MAC adress, does it ? O. Derek Benson writes: > If your router is a linux box as you have indicated doing masq: > > You could hardwire the arp cache with the mac addresses > from the lab. That way stuff for a particular ip is > going to be sent out on the ethernet interface to a particular > mac address regardless of arp broadcasts and the like. > > man arp > arp -s 129.152.157.180 00:C0:D0:6A:99:1E > > hope this helps > > derek > > > On Wed, 28 Nov 2001, Olivier Michel wrote: > > > Date: Wed, 28 Nov 2001 16:54:59 +0100 > > From: Olivier Michel <[EMAIL PROTECTED]> > > To: [EMAIL PROTECTED] > > Subject: [Masq] Associating a MAC adress with an IP > > > > /* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! > > /* ALSO: Don't quote this header. It makes you look lame :-) */ > > > > > > Hi ! > > > > I manage a few workstations in a student classroom. We have 24 > > stations on the lan, and a Linux box that does masquerading with > > ipchains under a 2.2 kernel. > > > > Everything runs fine, BUT, from time to time, a student takes the > > network cable out of the computer and plugs it into HIS computer. I do > > not want to allow this. > > > > How could I forbid such behaviour ? The only thing I see is to > > associate an IP with the MAC adress of the computer and to refuse a > > packet that is coming from an IP adress that does not match the MAC > > adress it should have. Is this possible ? I detect the problems with > > arpwatch, but I'd also like to reject such bad traffic. Is it possible > > to do this using ipchains rules ? (or with netfilter and a 2.4 kernel > > ?) > > > > Any ideas ? > > > > Best regards, > > Olivier MICHEL > > > > > > ---------------------------------------------------------------- > Derek Benson | > Infrastructure Management | Tel: +61 7 336 53959 > Information Technology Services | Email: [EMAIL PROTECTED] > The University of Queensland | http://www.its.uq.edu.au > ================================================================ -- Olivier MICHEL Email : [EMAIL PROTECTED] Universite d'Evry Val d'Essonne http : www.lami.univ-evry.fr/~michel LaMI - UMR 8042 du CNRS Phone : +33 (0)1.60.87.39.04 523, place des terrasses de l'agora Fax : +33 (0)1.60.87.37.89 91000 Evry - FRANCE _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
