Re: [opensuse] How to enforce IP's regardless of the clients setup.

Shawn Holland wrote:
Hi,

My current setup has multiple IP ranges where I use mac filtering to
specify what IP ranges specific computers will get.

The same server will be the gateway to the Internet.

What I am looking for is a way to enforce specific MAC Addresses to only
be allowed to use specific IP's.

Like I said above I have it locked down in DHCP, but its a simple matter
of setting a static IP to bypass the dhcp server.

I have been reading through SuSEfirewall2 and haven't found anything
apparent that I could use to enforce this.

Can anyone point me in the right direction on how to use iptables /
SuSEfirewall2 to only permit traffic from a mac address when its using a
specific IP or IP Range?

With the amount of work it requires to get the mac address
of a specific machine, why don't you just NOT USE DHCP and
assign each machine a static address.

Unless you're constantly shuffling their IP addresses by hand,
that would seem to be the simple, effective solution.

Using DHCP to make static addresses is like driving a
tractor-trailer truck to borrow a cup of sugar from
your neighbor.


--
Thanks,
Shawn


--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

Relevant Pages

  • Re: Static IP outside of router DHCP range
    ... This would avoid the need for DHCP entirely, ... server IP statically will at least avoid the problem of the clients ... DHCP from the router, you could turn it off in the router and use static ... So I have no way to either reserve IP addresses based on Mac addresses, ...
    (alt.comp.hardware.pc-homebuilt)
  • RE: DHCP
    ... Asunto: Re: DHCP ... I am looking for a way to block any PC that plugs into my network ... Windows Server 2008 can do this, but I'm not sure about 2003. ... MAC, this server will send IP address and parameters for configure the ...
    (Security-Basics)
  • Re: Cant access secure Web pages
    ... server. ... This is a description of how you may, in the future, configure a DHCP ... network, and which need to be contacted via the Default Gateway. ... with it's hardware Ethernet MAC address in. ...
    (uk.comp.sys.mac)
  • Re: Re: MAC Spoofing Prevention in Wireless
    ... The DHCP server would be helpful but a static IP would render that ... dhcp, no idea of that technology exists). ... clients will be on the same WAP? ... someone with that mac is already auth'd on another WAP". ...
    (Security-Basics)
  • RE: Blocked IP address - What is MAC 24:5e:0d:1c:06:b7 ?
    ... Can you elaborate some more about the DHCP question? ... Not sure why your get a different Mac address but on the terminal server you ... Also depends how your DHCP is setup, do you have DHCP on your network? ...
    (microsoft.public.windows.terminal_services)