Date: Fri, 2 Jul 1999 08:41:53 -0700 (PDT) From: "Rodney W. Grimes" <rgrimes@gndrsh.aac.dev.com> To: joe@pavilion.net (Josef Karthauser) Cc: des@flood.ping.uio.no (Dag-Erling Smorgrav), ben@narcissus.net (Snob Art Genre), bill@billfink.com (Bill Fink), freebsd-security@FreeBSD.ORG Subject: Re: your mail Message-ID: <199907021541.IAA22509@gndrsh.aac.dev.com> In-Reply-To: <19990702104239.X69050@pavilion.net> from Josef Karthauser at "Jul 2, 1999 10:42:40 am"
next in thread | previous in thread | raw e-mail | index | archive | help
> On Fri, Jul 02, 1999 at 11:24:04AM +0200, Dag-Erling Smorgrav wrote: > > Josef Karthauser <joe@pavilion.net> writes: > > > As an associated thing can anyone think of an easy way of ignoring traffic > > > coming from a particular MAC address on the network? I've got a user who > > > keeps changing their IP address to get arround the fact that I've restricted > > > traffic to that address. > > > > So terminate him. > > Ah, if only life were that simple ;) There are laws against that kind of > thing :o). > > He's on a local area network that I'm part of. I provide routed access to > the internet, but he's allowed access to the network to connect to other > users (this is at home, not at work - he rent's a room from me.) The problem > is that he's running Internet Explorer 5 in stupid "go on line for no reason > at all" mode and until he's either un-installed it, or fixed the problem > I've told him that I'm shutting down his internet access. That said he's > been a naughty boy and changed his IP address a couple of times to other > people's. He thinks that I don't know, but of course I've got changing > ARP addresses. What I'd like to do now is ignore his MAC address on the > server instead to get around this. (I could disconnect him from the network > but that's harder to police.) Create a permanant arp entry for is IP address. Your server won't arp for him any more, and if he changes his IP address his packets won't get to him. See man 8 arp: arp -S ipaddress ethernet_add pub should do it for you. -- Rod Grimes - KD7CAX - (RWG25) rgrimes@gndrsh.dnsmgr.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199907021541.IAA22509>