Subject: | |
From: | |
Reply To: | |
Date: | Tue, 27 Apr 2010 07:58:29 +0100 |
Content-Type: | TEXT/PLAIN |
Parts/Attachments: |
|
|
On Tue, 27 Apr 2010, vivek chal wrote:
> Hi all,
>
> i want to make a network such that only those machines can connect to the
> network whose MAC address is registered with our server.
> Presently i have a DNS server which is acting as a gateway also and i have
> given fixed ips to all the clients.
[ Don't forget that anyone with admin right on a machine can change the mac
address - see eg http://www.topbits.com/how-to-change-a-mac-address.html
]
I'm assuming that the machines are physically on your network ?
If they were elsewhere on the internet and trying to make connections
to your network then your gateway would not see the mac address
of their machine - all packets would "come from" the mac address
of the last router between them and you.
Thus these machines will either be connecting to your network
via a wireless access point or an ethernet switch.
If you wish to keep unauthorized machines off your network
you will needed this device to control which mac addresses
they allow through and many of them do have such options.
> Is it possible to configure a MAC based server in linux.
iptables has options to allow packets based on the source mac address
but, as I said, if the packet has been through a router since it left the
machine you wish to control then the address in the packet will not
belong to the machine you are interested in.
--
Dr. Andrew C. Aitchison Computer Officer, DPMMS, Cambridge
[log in to unmask] http://www.dpmms.cam.ac.uk/~werdna
|
|
|