Re: checking the not allowed changing of IP's

To: debian-firewall@lists.debian.org
Subject: Re: checking the not allowed changing of IP's
From: Michael Wood <mwood@its.uct.ac.za>
Date: Wed, 17 Oct 2001 09:36:32 +0200
Message-id: <20011017093632.B8786@marmite.its.uct.ac.za>
Mail-followup-to: Michael Wood <mwood@its.uct.ac.za>, debian-firewall@lists.debian.org
In-reply-to: <3BCB59DF.2A58AB60@ims.com.tr>
References: <3BC6CB2F.F50465DB@ots.rdscj.ro> <3BCB59DF.2A58AB60@ims.com.tr>

On Mon, Oct 15, 2001 at 11:49:19PM +0200, Imran Geriskovan wrote:
> Hi,
> 
> We use DHCP in our LAN.
> I wonder if I can block any traffic generated by any
> local computer which did NOT get its IP from DHCP server.
> (DHCP server and gateway/firewall are on the same box)
> 
> Any ideas?

You could write scripts to add/delete firewall rules when
certain "events" happen to the DHCP server.  I think ISC dhcp
supports this sort of thing.  Check the man page.

The idea is that when the DHCP server hands out a lease to a
certain machine, your script gets run to add a rule allowing
'Net access.  When the lease expires, the DHCP server calls your
script to remove the rule.

Also, if you have a small enough number of machines on your lan,
you could build up a list of the machines/mac addresses and use
arpwatch to see when someone's changed their IP address.  Then
go and tell them not to.

-- 
Michael Wood
mwood@its.uct.ac.za

Reply to:

References:
- checking the not allowed changing of IP's
  - From: Szabó Tamás <sztamas@ots.rdscj.ro>
- Re: checking the not allowed changing of IP's
  - From: Imran Geriskovan <imran.geriskovan@ims.com.tr>

Prev by Date: Re: checking the not allowed changing of IP's
Next by Date: Re: checking the not allowed changing of IP's
Previous by thread: Re: checking the not allowed changing of IP's
Next by thread: Re: checking the not allowed changing of IP's
Index(es):
- Date
- Thread