Thanks for the suggestion John, I wasn't aware of such application. It's a nice solution. You can download/install it on any distro from here: http://nocat.net/ Juan Pablo 2008/9/22 John Summerfield <[log in to unmask]>: > Juan Pablo Macias wrote: >> >> Hi >> >> I think it would be easier to make this at firewall level. For >> example, assign an IP address range from 192.168.1.10 to 192.168.1.50 >> to unregistered addresses, and at your gateway, use iptables to block >> addresses in that range from passing through. When you register your >> client, assign an ip outside that range. You could make this based on >> ports too. >> >> Juan Pablo Macias >> >> 2008/9/19 vivek chal <[log in to unmask]>: >>> >>> Hello all ! >>> i have made a dhcp server that assigns temporary ip address to my clients >>> on >>> first attempt and when clients fill the registration form (which includes >>> host name, MAC address etc), i write entries in dhcp.conf to assign >>> fixed >>> ip address based on their MAC address. >>> Now i want my server's some services like ssh,telnet and iptables will >>> work >>> only for registered users to whom i have assigned fixed ip address in >>> dhcp.conf based on their MAC address so that only registered users can >>> access internet . My machine is acting as a DNS, Gateway and DHCP. > > I don't think much of it as a security idea. Anyone who's master of their > own machine can assign their own IP address. MAC addresses can be forged. > iptables can only be configured on the machine it's running on. > > There is a free package that does pretty much what I think you want, it's > part of pebble linux, I think it's from Seattle Wireless (a group of users) > and it _is_ mentioned in 100 Wireless Hacks published by Oreilly. I think > it's NoCatAuth. > > Pebble linux is a special-purpose Linux distro, comes as a tarball, is > really small and is intended for wireless access points built from old > peecees, where access to the Internet needs to be controlled but not > necessarily charged for. Think "Free Internet cafe." > > > > > >>> >>> Can anyone help me to write such a script as I have to implement this >>> server >>> soon. > >> >> > > > -- > > Cheers > John > > -- spambait > [log in to unmask] [log in to unmask] > -- Advice > http://webfoot.com/advice/email.top.php > http://www.catb.org/~esr/faqs/smart-questions.html > http://support.microsoft.com/kb/555375 > > You cannot reply off-list:-) > -- To follow the path, look to the master, follow the master, walk with the master, see through the master, become the master