Juan Pablo Macias wrote:
Hi
I think it would be easier to make this at firewall level. For
example, assign an IP address range from 192.168.1.10 to 192.168.1.50
to unregistered addresses, and at your gateway, use iptables to block
addresses in that range from passing through. When you register your
client, assign an ip outside that range. You could make this based on
ports too.
Juan Pablo Macias
2008/9/19 vivek chal <[EMAIL PROTECTED]>:
Hello all !
i have made a dhcp server that assigns temporary ip address to my clients on
first attempt and when clients fill the registration form (which includes
host name, MAC address etc), i write entries in dhcp.conf to assign fixed
ip address based on their MAC address.
Now i want my server's some services like ssh,telnet and iptables will work
only for registered users to whom i have assigned fixed ip address in
dhcp.conf based on their MAC address so that only registered users can
access internet . My machine is acting as a DNS, Gateway and DHCP.
I don't think much of it as a security idea. Anyone who's master of
their own machine can assign their own IP address. MAC addresses can be
forged. iptables can only be configured on the machine it's running on.
There is a free package that does pretty much what I think you want,
it's part of pebble linux, I think it's from Seattle Wireless (a group
of users) and it _is_ mentioned in 100 Wireless Hacks published by
Oreilly. I think it's NoCatAuth.
Pebble linux is a special-purpose Linux distro, comes as a tarball, is
really small and is intended for wireless access points built from old
peecees, where access to the Internet needs to be controlled but not
necessarily charged for. Think "Free Internet cafe."
Can anyone help me to write such a script as I have to implement this server
soon.
--
Cheers
John
-- spambait
[EMAIL PROTECTED] [EMAIL PROTECTED]
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375
You cannot reply off-list:-)
