Re: Prevent access to linux server when mac adress does not match ip adress
- From: ibuprofin@xxxxxxxxxxxxxxxxxxxxxx (Moe Trin)
- Date: Tue, 31 Oct 2006 14:03:24 -0600
On Tue, 31 Oct 2006, in the Usenet newsgroup comp.os.linux.networking, in
article <J0E1h.158093$Vr5.2622570@xxxxxxxxxxxxxxxxxxxxx>, kris houben wrote:
i am running a red hat 6.2 server which is used for internet ip traffic
measurement.
What possible reason do you have for using a six year old distribution that
has been unsupported for three and a half years?
All clients connected to this server get a ip adress through dhcp. To be
sure that every client keeps getting the smake ip adress when it connects
the dhcp server gives ip adresses to the client pc's based on their mac
adress. This works fine as long as the clients are not changing their ip
adress manualy.
Do you specifically need DHCP? Are the systems moving between this, and
other networks? That's the only conceivable reason for using DHCP.
Is there a way to prevent access to the linux server when the ip adress of a
certain client does not match the mac adress.
Lessee, 6.2 came out of box with 2.2.14-5.0, and was updated over it's three
year life ending with 2.2.24-6.2.3 - that would still be IPCHAINS as a
firewall, and I don't recall it having a MAC address module.
I suppose the easiest way would be to use a static ARP setup. 'man arp' and
look at the -s (better still, the -f) option. Obviously, this will ONLY
work where all hosts of concern are located on the same collision domain,
and no one is using proxyarp.
Old guy
.
- Prev by Date: Re: Problem with hostnames starting with hyphens, stars, etc. (but works fine on windows!)
- Next by Date: Re: Prevent access to linux server when mac adress does not match ip adress
- Previous by thread: Re: Prevent access to linux server when mac adress does not match ip adress
- Next by thread: MTA besides sendmail?
- Index(es):
Relevant Pages
|
