From owner-freebsd-security Fri Jul 2 8:42:54 1999
Delivered-To: freebsd-security@freebsd.org
Received: from gndrsh.aac.dev.com (GndRsh.aac.dev.com [198.145.92.4])
    by hub.freebsd.org (Postfix) with ESMTP id 34E08152D5 for ;
    Fri, 2 Jul 1999 08:42:45 -0700 (PDT)
    (envelope-from rgrimes@gndrsh.aac.dev.com)
Received: (from rgrimes@localhost)
    by gndrsh.aac.dev.com (8.9.3/8.9.3) id IAA22509;
    Fri, 2 Jul 1999 08:41:53 -0700 (PDT)
    (envelope-from rgrimes)
From: "Rodney W. Grimes"
Message-Id: <199907021541.IAA22509@gndrsh.aac.dev.com>
Subject: Re: your mail
In-Reply-To: <19990702104239.X69050@pavilion.net> from Josef Karthauser at "Jul 2, 1999 10:42:40 am"
To: joe@pavilion.net (Josef Karthauser)
Date: Fri, 2 Jul 1999 08:41:53 -0700 (PDT)
Cc: des@flood.ping.uio.no (Dag-Erling Smorgrav), ben@narcissus.net (Snob Art Genre), bill@billfink.com (Bill Fink), freebsd-security@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL54 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> On Fri, Jul 02, 1999 at 11:24:04AM +0200, Dag-Erling Smorgrav wrote:
> > Josef Karthauser writes:
> > > As an associated thing can anyone think of an easy way of ignoring traffic
> > > coming from a particular MAC address on the network? I've got a user who
> > > keeps changing their IP address to get around the fact that I've restricted
> > > traffic to that address.
> >
> > So terminate him.
>
> Ah, if only life were that simple ;) There are laws against that kind of
> thing :o).
>
> He's on a local area network that I'm part of. I provide routed access to
> the internet, but he's allowed access to the network to connect to other
> users (this is at home, not at work - he rents a room from me.) The problem
> is that he's running Internet Explorer 5 in stupid "go on line for no reason
> at all" mode and until he's either un-installed it, or fixed the problem
> I've told him that I'm shutting down his internet access. That said he's
> been a naughty boy and changed his IP address a couple of times to other
> people's. He thinks that I don't know, but of course I've got changing
> ARP addresses. What I'd like to do now is ignore his MAC address on the
> server instead to get around this. (I could disconnect him from the network
> but that's harder to police.)

Create a permanent arp entry for his IP address. Your server won't
arp for him any more, and if he changes his IP address his packets
won't get to him.

See man 8 arp:

    arp -S ipaddress ethernet_add pub

should do it for you.

--
Rod Grimes - KD7CAX - (RWG25) rgrimes@gndrsh.dnsmgr.net
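
Added example (not part of the original message): a small sh/awk check that compares `arp -an`-style output with the address assigned to each MAC, so a NIC answering for someone else's IP is visible before static entries are pinned with arp -S. The binding list, addresses, interface name and the function name check_arp are constructed for illustration.

```sh
# Assigned bindings, "ip mac" per line (constructed sample data).
BINDINGS='192.168.1.10 00:a0:c9:11:22:33
192.168.1.11 00:a0:c9:44:55:66
192.168.1.12 00:10:4b:aa:bb:cc'

# Constructed text in the style of `arp -an` output.
SAMPLE_ARP='? (192.168.1.1) at 00:90:27:01:02:03 on fxp0 permanent [ethernet]
? (192.168.1.10) at 00:a0:c9:11:22:33 on fxp0 [ethernet]
? (192.168.1.11) at 0:10:4b:AA:BB:CC on fxp0 [ethernet]
? (192.168.1.12) at (incomplete) on fxp0 [ethernet]'

# check_arp BINDINGS ARP_OUTPUT
# Prints one line per ARP entry whose IP/MAC pair contradicts BINDINGS.
check_arp() {
    { printf '%s\n' "$1"; echo '--'; printf '%s\n' "$2"; } | awk '
    # Normalise a MAC: lower case, each octet padded to two hex digits.
    function norm(mac,    n, p, i, out) {
        n = split(tolower(mac), p, ":")
        if (n != 6) return ""
        for (i = 1; i <= 6; i++) {
            if (length(p[i]) == 1) p[i] = "0" p[i]
            out = (i == 1) ? p[i] : out ":" p[i]
        }
        return out
    }
    $0 == "--" { in_arp = 1; next }          # separator: ARP lines follow
    !in_arp { m = norm($2); ip_of[m] = $1; mac_of[$1] = m; next }
    {
        ip = $2; gsub(/[()]/, "", ip)        # "(192.168.1.11)" -> bare IP
        m = norm($4)
        if (m == "") next                    # incomplete entry, no MAC seen
        # An assigned IP is being answered by a different NIC.
        if ((ip in mac_of) && mac_of[ip] != m)
            printf "MISMATCH %s expected %s saw %s\n", ip, mac_of[ip], m
        # A known NIC is using an IP other than its own.
        if ((m in ip_of) && ip_of[m] != ip)
            printf "MOVED %s assigned %s now on %s\n", m, ip_of[m], ip
    }'
}

check_arp "$BINDINGS" "$SAMPLE_ARP"
```

On a live host the second argument would be "$(arp -an)"; the column layout of that output varies between releases, so check the field positions against the local format first.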