sau poate doar cu arp -s IP MAC ?
sau le pui intr-un fishier /etc/ethers shi rulezi arp -f /etc/ethers ?
sau foloseshti ceva de genul :
#!/bin/bash
a=/sbin/arp
start()
{
echo "computer1"
$a -s 192.168.0.2 00:11:2f:74:d2:90
echo "computer2"
$a -s 192.168.0.3 00:0E:2E:02:26:84
}
stop()
{
echo "computer1"
$a -d 192.168.0.2
echo "computer2"
$a -d 192.168.0.3
}
case "$1" in
start)
start
;;
stop)
stop
;;
*)
echo "stop sau start?"
esac
bafta.
Ovidiu wrote:
> Cred e un subiect indelung discutat, dar pt. un newbie in linux si pe
> acest forum nu e :)
> Care metoda din cele doua e mai buna si mai ales de ce pt filtare IP+MAC
> intr-o retea unde doar unii trebuie sa iasa pe net:
>
> 1) iptables -t nat -A PREROUTING -i eth1 -s 192.168.0.1 -m
> mac --mac-source X:XX:XX:XX:XX:XX -j ACCEPT
> 2) iptables -A FORWARD -i eth1 -s 192.168.0.1 -m mac --mac-source
> XX:XX:XX:XX:XX:XX -j ACCEPT
>
> In ambele variante am pus policy DROP pentru lantul respectiv.
>
> Multumesc anticipat
>
>
>
>
> ---
> Detalii despre listele noastre de mail: http://www.lug.ro/
>
>
>
>
>
--
-----------------------------
Petre Daniel, Tech Department,
Linux Solutions Project Romania,
RDSTel : +40-348-401101
-----------------------
---
Detalii despre listele noastre de mail: http://www.lug.ro/
