Answer the question
In order to leave comments, you need to log in
K
K
Konstantin2014-04-22 15:46:13
Konstantin, 2014-04-22 15:46:13
How to filter by MAC address mask in centos?
How to configure packet drop in iptables to MASK MAC addresses? centos 6.5_x86
Like
iptables -A INPUT -m mac --mac-source 00:0С: **-**-**-** -j DROPIt is necessary to get rid of any androids in the warehouse network, etc. etc.
The idea is to transfer dhcp from windows to centos and make a ban on ALL left mobile devices on the vendor ID. Bringing in each PC and the desired mobile terminal is a terrible task.
3 answer(s)
@leahch
@leahch
@fallen8rwtf
A
Alexey Cheremisin, 2014-04-22 @leahch
On dhcp (Linux) configure classes and register members - it will give IP only to the correct devices. I suspect that microsoft dhcp also has classes.
I have something like this in dhcpd.conf. And no ip/ebtables needed!
.....
class "MySecretClass1"
{
match if (substring( option vendor-class-identifier, 0, 6)="Huawei");
}
......
subnet 192.168.0.0 netmask 255.255.255.0 {
....
pool {
range 192.168.0.14 192.168.0.254;
allow members of "MySecretClass1";
allow members of "MySecretClass2";
allow members of "MySecretClass3";
}
.....
}A
Alexey Cheremisin, 2014-04-22 @leahch
If we want to work exactly on MAC, then ebtables is better. Brief
description
with examples
here xgu.ru/wiki/ebtables IP for registered devices only.
K
Konstantin, 2014-04-22 @fallen8rwtf
@leahch
thanks! now I’ll look at edtables
filtering is needed for a wi-fi network
on switches to do it is not yet possible, since there is a mess =) we
installed a wi-fi network in a warehouse of 5000 m ^ 2 on a motorola rfs6000, but there is one remote point of the warehouse a standard vigor point, to which l2-acl with motorola is not applied and the Tajiks manage to spoil the dhcp leases with their phones.
*windows-dhcp is ugly
Similar questions
N
D
S
N
V
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question