Thursday 15 December 2011

How to block users by MAC address with iptables on Ubuntu 10.10

I have installed Squid 2.7 as a transparent proxy and also set up SARG for reports, but I am facing a problem. I have configured my network users in dhcp.conf, but some other users appear in my SARG reports with heavy downloads.

Now I have to do something special for these guys.
I am going to invite them to lunch.

I just opened a terminal on my server and ran the command
arp -a
This showed all the MAC addresses and IP addresses. I already have a MAC table of my network users.
Then I copied all the MAC addresses that are not listed in my MAC table and pasted them into a new file.
After that, I went back to the terminal and ran the following commands.
To check my current iptables rules:
iptables-save
OK.
Then I blocked each MAC address in the newly created file by running the following two commands, repeated for each user.

iptables -A INPUT -m mac --mac-source 00:xx:6b:xx:05:xx -j DROP
iptables -A FORWARD -m mac --mac-source 00:xx:6b:xx:05:xx -j DROP

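Then check the result with the command
iptables-save
which prints the rules currently loaded, so the new DROP entries should appear in its output, and then run
iptables-apply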

All the unauthorized users are now blocked.
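The comparison and rule-writing steps above can be scripted. This is an added example, not part of the original post: the function names, the sample arp -a output and the known-MAC table are constructed, and the script only prints the iptables commands so they can be reviewed before anything is run.

```shell
#!/bin/sh
# Added example: find MACs in `arp -a` output that are missing from the known-MAC
# table and print (not run) the two DROP rules from the post for each one.

# Constructed sample data. On a real server: SAMPLE_ARP=$(arp -a)
SAMPLE_ARP='? (192.168.1.10) at 02:00:00:aa:bb:01 [ether] on eth1
? (192.168.1.23) at 02:00:00:AA:BB:02 [ether] on eth1
? (192.168.1.40) at <incomplete> on eth1
? (192.168.1.23) at 02:00:00:aa:bb:02 [ether] on eth1'
# Constructed known-MAC table, one address per line (any letter case).
KNOWN_MACS='02:00:00:AA:BB:01'

# normalize_macs TEXT -> every well-formed MAC in TEXT, lowercase, de-duplicated.
# Incomplete ARP entries and any other text are ignored.
normalize_macs() {
  printf '%s\n' "$1" | tr 'A-F' 'a-f' |
    grep -Eo '([0-9a-f]{2}:){5}[0-9a-f]{2}' | sort -u
}

# unknown_macs ARP_TEXT KNOWN_TEXT -> MACs seen by ARP but absent from the table
unknown_macs() {
  known=$(normalize_macs "$2")
  normalize_macs "$1" | while read -r mac; do
    printf '%s\n' "$known" | grep -qxF "$mac" || printf '%s\n' "$mac"
  done
}

# block_rules ARP_TEXT KNOWN_TEXT -> the post's INPUT and FORWARD rule per unknown MAC
block_rules() {
  unknown_macs "$1" "$2" | while read -r mac; do
    printf 'iptables -A INPUT -m mac --mac-source %s -j DROP\n' "$mac"
    printf 'iptables -A FORWARD -m mac --mac-source %s -j DROP\n' "$mac"
  done
}

# Dry run on the constructed data: prints two rules for 02:00:00:aa:bb:02
block_rules "$SAMPLE_ARP" "$KNOWN_MACS"
```

The mac match only sees source addresses of hosts on the directly attached network segment, and a client can change its MAC address, so review the printed list before running any of it.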

If I want to give someone access later on, I just follow these simple steps:
iptables -D INPUT -m mac --mac-source 00:xx:6b:xx:05:xx -j DROP
iptables -D FORWARD -m mac --mac-source 00:xx:6b:xx:05:xx -j DROP

Run iptables-save to check that the specific entry has been deleted from the iptables rules.
Now he can access the internet.
Now, who is going to pay for lunch? Don't worry, I am going to pay.

Enjoy the fruits.
Do comment if you like it.
