IP & MAC Binding

Taking care of your Linux box.

IP & MAC Binding

Postby asadsq » Tue May 26, 2009 10:41 am

Salam,

I am using Linux based OS "Clark Connect Enterprise Edition" which uses squid at back end for proxy services. I am facing problems that users change IP's of their PC's.
Please let me know if there is any method/technique through which I can bind IP with MAC address so that problem may be solved for ever :) .

Regards
Asad Siddiqui
Peshawar
Asad Zia Siddiqui
Peshawar
asadsq
Lance Naik
 
Posts: 48
Joined: Fri Feb 22, 2008 3:10 pm
WLM: asad_sq
Yahoo Messenger: asadsq
Location: Peshawar

Postby lambda » Tue May 26, 2009 11:50 am

and what's to prevent your users from changing their ips and mac addresses?
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore

Postby ather_36 » Tue May 26, 2009 11:50 am

Dear Asadsq,
Configure DHCP. I am sure it will resolve your problem.
Please find the link:-
http://www.linuxhomenetworking.com/wiki ... HCP_Server
Thanks & Regards
Athar Hussain
ather_36
Naik
 
Posts: 97
Joined: Thu Jul 31, 2003 11:38 am
Website: http://www.linuxpakistan.net
WLM: ather_36@hotmail.com
Yahoo Messenger: ather_36@yahoo.com
Location: karachi

Postby lambda » Tue May 26, 2009 12:01 pm

no, it won't.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore

Postby osama » Tue May 26, 2009 1:43 pm

lambda wrote:no, it won't.


But DHCP might be the first step for this astronaut
osama
Havaldaar
 
Posts: 117
Joined: Fri Aug 22, 2008 9:08 am

Postby lambda » Tue May 26, 2009 4:50 pm

But DHCP might be the first step for this astronaut
how, exactly?
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore

Postby osama » Tue May 26, 2009 5:02 pm

He might not be using any service to assign IP and hence every user has to enter IPs manually.
osama
Havaldaar
 
Posts: 117
Joined: Fri Aug 22, 2008 9:08 am

Postby lambda » Tue May 26, 2009 6:19 pm

going back to what i said earlier: what's to prevent your users from changing their ips and mac addresses to match a "valid" address?
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore

Postby asadsq » Wed May 27, 2009 5:18 pm

Well
let me explain a bit
I have divided some section in to different subnets
For example
For faculty its 172.16.1.xx
For Researchers 172.16.2.xx
for hostels 172.16.3.xx
for IT Labs 172.16.4.xx

Now i want that IP's of Faculty may be BIND with their respective MAC's so that they might not change their IP etc
It happens that they change their IP to other subnet for nothing causing IP conflicts

Regards
Asad
Asad Zia Siddiqui

Peshawar
asadsq
Lance Naik
 
Posts: 48
Joined: Fri Feb 22, 2008 3:10 pm
WLM: asad_sq
Yahoo Messenger: asadsq
Location: Peshawar

Postby asadsq » Wed May 27, 2009 6:02 pm

Also,

I am not using any DHCP n i don't want to use DHCP
as in our case it does not fit us
Asad Zia Siddiqui

Peshawar
asadsq
Lance Naik
 
Posts: 48
Joined: Fri Feb 22, 2008 3:10 pm
WLM: asad_sq
Yahoo Messenger: asadsq
Location: Peshawar

Postby lambda » Wed May 27, 2009 8:00 pm

you do know that you can assign static ips using dhcp, right?
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore

Postby asadsq » Thu May 28, 2009 8:54 am

No i don't know about this.
But
scenario is that we have already assigned IP's we already have all MAC's & it will be too difficult to have more exercise if we go for DHCP option (that what I think?)

Regards
Asad Zia Siddiqui

Peshawar
asadsq
Lance Naik
 
Posts: 48
Joined: Fri Feb 22, 2008 3:10 pm
WLM: asad_sq
Yahoo Messenger: asadsq
Location: Peshawar

Postby x2oxen » Thu May 28, 2009 2:59 pm

you can bind ip with mac address using iptables and ur user will only get through if their ip address and mac address matches your list. her is a little hint to do so.

Code: Select all

cat $MACDIR/mac.addresses | while read MACS
do
IP=`echo $MACS | awk '{print $2}'`
MAC=`echo $MACS | awk '{print $1}'`
$IPT -t mangle -A PREROUTING -i $NETWORK -s $IP -m mac --mac-source $MAC -j MARK --set-mark 1
done
Muhammad Usman
+92-321-6640501
Chemonics International
http://usmanpk.com
x2oxen
Major General
 
Posts: 1114
Joined: Wed Aug 22, 2007 3:17 pm
Website: http://usmanpk.com
WLM: x2oxen@hotmail.com
Yahoo Messenger: x2oxen
Location: Faisalabad

Postby asadsq » Thu May 28, 2009 3:12 pm

Is arp will be useful in this scenario?
Asad Zia Siddiqui

Peshawar
asadsq
Lance Naik
 
Posts: 48
Joined: Fri Feb 22, 2008 3:10 pm
WLM: asad_sq
Yahoo Messenger: asadsq
Location: Peshawar

Postby asadsq » Fri May 29, 2009 11:14 am

Dear x2oxen,

Could you please tell me that
IP will replace original IP?
& MAC will replace real MAC?
Asad Zia Siddiqui

Peshawar
asadsq
Lance Naik
 
Posts: 48
Joined: Fri Feb 22, 2008 3:10 pm
WLM: asad_sq
Yahoo Messenger: asadsq
Location: Peshawar


Return to “%s” Administration

Who is online

Users browsing this forum: Google [Bot] and 1 guest

cron