Re: Forced DHCP setup
Mangling arround and all, maybe its good to discuss this idea here...
1.- Suppose i give you a list of mac addresses and the assigned ips they
should have....
2.- If one makes that assumption, u guys think this would be a good way
to go at it (admin wise, mantainership...etc.):
a) Make a script that generates dhcpd3.conf
b) Make a script that generates iptables commands
like:
iptables -A input -s $IP_USER -m mac
--mac-source $MAC_USER -j accept
#all others reject
c) Have your squid rules reflect the change:
#dont remember, but squid blocks by mac
acl accepted_macs $MAC_USER1...$MAC_USER_N
acl accepted_ips $IP_USER1.....$IP_USER_N
http_access allow auth_pam acceed_macs accepted_ips
http_access deny
Mhm... not shure if squid works that way but u get the idea.... it looks
horrible from the admin POV, maybe u guys can think of a better way...
El mié, 30-10-2002 a las 15:39, Alex Borges (lex) escribió:
> Hey... I want to tie up users to ip addresses and machines. This way i
> can easyly mangle bandwith, squid acls and lots of stuff through my
> woody box....
>
>
> So im thinking maybe the solution is to force users to obtain ip's from
> dhcp and, i users take an ip for which they have no lease, bloack them
> with iptables or somwthing...
>
>
> Im thinking this is probably an old trick so im asking here for pointers
> and stuff as i parallely STFW for this setup... ne ideas?
>
>
> --
> Alex (Lex) Borges
> Software Engineer
> Step One Group
> www.sogrp.com
>
>
> --
> To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
--
Alex (Lex) Borges
Software Engineer
Step One Group
www.sogrp.com
Reply to: