
Re: AW: DHCP and iptables



Are you running nessus on another host?  Is this block you want to set up
only for the FORWARD table?  Does the DHCP server exist on the firewall
host?

Try blocking all of the DHCPed IPs and then after they pass the tests
unblock them one at a time.  The [1]trick is to keep arping or pinging
these hosts to see when they go down.  I think overall this will be better
and easier to set up.

1. Do this with a cron script that parses the output of "iptables -L ?-t
FORWARD?".

--- Daniel Walther <d.walther@wireless-bern.ch> wrote:
> Hello Mike
> 
> Thanks for your answer. I have to have the information from the DHCP
> server at this moment it serves the client with the ip address. I have
> to block this ip address in the same moment. And after the security
> check with nessus I should be able to unblock this ip address.
> Is there any solution?
> 
> Regards
> Daniel
> 
> -----Original Message-----
> From: Mike Mestnik [mailto:cheako911@yahoo.com]
> Sent: Sunday, 6 June 2004 18:46
> To: Daniel Walther; debian-firewall@lists.debian.org
> Subject: Re: DHCP and iptables
> 
> You can write any program to parse the dhcp.leased file.  There is
> already an example that I can think of "dnsmasq".  What you do with the
> info after is your own biz, I say use ssh to exec iptable cmds remotely.
> 
> --- Daniel Walther <d.walther@wireless-bern.ch> wrote:
> > Hello list
> > 
> > I'm trying to get all information from the DHCP service. And after I
> > received the IP address I want to dynamically block this address.
> > After a security check with nessus it should be possible to unblock
> > this address.
> > So I can check all my clients with a special security policy.
> > 
> > Is there any possibility to get this information from the DHCP server
> > and afterwards to block it?
> > It would be great if someone can help me.
> > 
> > Thanks in advance.
> > 
> > Regards
> > Daniel
> > 
> > 



	
		
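An added example, not part of the original thread: one way to do the lease parsing and rule bookkeeping discussed above, assuming the DHCP server is ISC dhcpd and writes a `dhcpd.leases` file. The function names, the `cleared` set of addresses that passed the scan and the sample leases are constructed for illustration; the code only builds `iptables` argument lists and does not run them.

```python
import ipaddress
import re
from datetime import datetime, timezone

# Constructed sample in ISC dhcpd.leases syntax (assumed format; documentation addresses).
SAMPLE = """\
lease 192.0.2.10 { starts 0 2004/06/06 16:00:00; ends 0 2004/06/06 20:00:00;
  binding state active; }
lease 192.0.2.11 { starts 0 2004/06/06 16:05:00; ends 0 2004/06/06 20:05:00;
  binding state active; }
lease 192.0.2.12 { starts 0 2004/06/06 10:00:00; ends 0 2004/06/06 14:00:00;
  binding state free; next binding state active; }
lease 192.0.2.13 { starts 0 2004/06/06 09:00:00; ends 0 2004/06/06 12:00:00;
  binding state active; }
"""
LEASE = re.compile(r"lease\s+(\S+)\s*\{(.*?)\}", re.S)
ENDS = re.compile(r"\bends\s+\d\s+(\d{4}/\d\d/\d\d \d\d:\d\d:\d\d);")
# Current state only: skip "next binding state" and "rewind binding state".
STATE = re.compile(r"(?<!next )(?<!rewind )binding state (\w+);")

def active_leases(text, now):
    """IPs whose last entry in the file is active and unexpired at `now` (UTC)."""
    latest = {}
    for raw, body in LEASE.findall(text):
        try:
            ip = str(ipaddress.IPv4Address(raw))  # never pass unvalidated text to iptables
        except ValueError:
            continue
        state, ends = STATE.search(body), ENDS.search(body)
        live = bool(state) and state.group(1) == "active"
        if live and ends:  # "ends never;" has no timestamp and stays live
            stamp = datetime.strptime(ends.group(1), "%Y/%m/%d %H:%M:%S")
            live = stamp.replace(tzinfo=timezone.utc) > now
        latest[ip] = live  # dhcpd appends to the file, so later entries win
    return {ip for ip, live in latest.items() if live}

def plan(text, now, cleared, blocked):
    """Return (iptables argv lists, clearances that remain valid)."""
    active = active_leases(text, now)
    add = sorted(active - cleared - blocked)
    # Fail closed: a block is lifted only for a live lease that passed the scan.
    lift = sorted(blocked & cleared & active)
    cmds = [["iptables", "-I", "FORWARD", "-s", ip, "-j", "DROP"] for ip in add]
    cmds += [["iptables", "-D", "FORWARD", "-s", ip, "-j", "DROP"] for ip in lift]
    # A clearance dies with its lease, so a new client reusing the IP is rescanned.
    return cmds, cleared & active
```

Returning argument lists rather than a command string lets the caller hand them to the firewall host without shell interpolation of lease-file content.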


