How can I only allow certain MAC/IPs to access the network
-
- Posts: 53
- Joined: 2014/01/05 21:55:27
How can I only allow certain MAC/IPs to access the network
I have a centos server and a few windows clients. I want to write a rule to block all mac addresses/ips, except for the ones I choose. How can I do this? Thanks
-
- Posts: 10642
- Joined: 2005/08/05 15:19:54
- Location: Northern Illinois, USA
Re: How can I only allow certain MAC/IPs to access the netwo
Take their network cables away or block them at the switch/router.
This is not a CentOS issue.
This is not a CentOS issue.
-
- Posts: 53
- Joined: 2014/01/05 21:55:27
Re: How can I only allow certain MAC/IPs to access the netwo
This absolutely is a CentOS issue.
Anyone else - how can I change my iptables file to block all mac/ip addresses and only allow the ones I choose?
Anyone else - how can I change my iptables file to block all mac/ip addresses and only allow the ones I choose?
-
- Posts: 10642
- Joined: 2005/08/05 15:19:54
- Location: Northern Illinois, USA
Re: How can I only allow certain MAC/IPs to access the netwo
If your CentOS machine is the internet gateway you can block machines from reaching the intenret, but you cannot block them from the local network.
-
- Posts: 53
- Joined: 2014/01/05 21:55:27
Re: How can I only allow certain MAC/IPs to access the netwo
The network is a private network. The CentOS server is a file server. There is no internet access on this network. And yes, you can block MAC addresses and IPs from accessing the server
Re: How can I only allow certain MAC/IPs to access the netwo
`man iptables` and search for mac-source
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: How can I only allow certain MAC/IPs to access the netwo
Bypassing MAC ADDR or IP blocks is trivially easy, that's why you have USERNAMES and STRONG PASSWORDS.
For the 2.5^15th time :: Better Details = Better Answers
-
- Posts: 53
- Joined: 2014/01/05 21:55:27
Re: How can I only allow certain MAC/IPs to access the netwo
I know, its for internal use only, not intended to be a once for all security method. This is to restrict a group of 5 engineers that aren't that computer savvy from plugging any other non approved pcs into the secure network and gaining anykind of access. I have network and user passwords in place, but want to include MAC address filtering as well.
-
- Posts: 74
- Joined: 2007/11/05 16:08:34
- Location: Pune
Re: How can I only allow certain MAC/IPs to access the netwo
First allow your MAC address then deny all others to input to your server
/sbin/iptables -A INPUT -i ethx -p tcp -s 192.168.x.x/x -d x.x.x.x -m mac --mac-source XX:XX:XX:XX:XX:XX -j ACCEPT
/sbin/iptables -A INPUT -i ethx -p tcp -s 192.168.x.x/x -d x.x.x.x -m mac --mac-source XX:XX:XX:XX:XX:YY -j DROP
/sbin/iptables -A INPUT -i ethx -p tcp -s 192.168.x.x/x -d x.x.x.x -m mac --mac-source XX:XX:XX:XX:XX:XX -j ACCEPT
/sbin/iptables -A INPUT -i ethx -p tcp -s 192.168.x.x/x -d x.x.x.x -m mac --mac-source XX:XX:XX:XX:XX:YY -j DROP
-
- Posts: 53
- Joined: 2014/01/05 21:55:27
Re: How can I only allow certain MAC/IPs to access the netwo
Thank you for a helpful reply, finally