Am Do, den 29.01.2004 schrieb SzemerÃdy GÃbor um 16:27:
> Hello list members!
> We have a server with its public IP address and there is also a subnet
> with
> local addresses (192.168.0.x) on it.
> We would like to limit the access from certain IP address so that it can
>
> be
> established only if the request comes from the same workstation.
> Something like capturing the workstations MAC address to its IP address
> ,
> so that the user can browse the internet only if the MAC address of the
> workstation and the IP address are equal to the predefined values.
> We do traffic accounting by IP address and would like to prevent using
> the account of an other workstation by changing the IP address.
> (In current situation one can browse the internet with certain IP
> address and then
> change the IP address and use the account of an other person).
> Is there any solution?
> Thanks
Sure is there a solution: just be sure you are the only person with root
permissions! Only root can change the IP address of a linux host.
If it is not possible to limit root to you, you will have to modify your
iptables rules to also check the MAC address of a station initiating a
connection.
Alexander
--
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 1 (Yarrow) on Athlon CPU kernel 2.4.22-1.2149.nptl
Sirendipity 16:49:13 up 1:36, 7 users, 0.00, 0.11, 0.19
[ ÎÎÏÎÎ Ï'ÎÏÏÎÎ - gnothi seauton ]
