We developed what you're looking for here. It is an iptables script that uses a csv file passed from our billing system(rodopi) to accept/reject customers on the basis of their mac address...
http://yabmas.sourceforge.net/ ----------------------------------------------------------------- Robert Hogan Systems Administrator Raha.com Web: http://www.raha.com Email: [EMAIL PROTECTED] Tel: +255 +22 2119513/4/5 ------------------------------------------------------------------ ----- Original Message ----- From: "Devdas Bhagat" <[EMAIL PROTECTED]> To: "Johan Denoyer" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Friday, November 22, 2002 9:33 PM Subject: Re: IP to MAC mapping > On 20/11/02 18:49 +0100, Johan Denoyer wrote: > > Hi, > > > > we are currently looking into illegal usage of a protected network. We are > > managing a class C network, and we would like to be able to detect illegal > > usage of the network by finding the MAC address of the ip address used and > > then checking it against a database. > This is a bad idea. Use the generic concept of a firewall and allow only > selected MAC addresses to be active on the network. > You could script up some iptables rules for these, and a rule to DROP > and LOG all other MAC addresses. The ruleset can be built automatically > from a database. > > Devdas Bhagat >
