mailing list archives
Re: IP to MAC mapping
From: Devdas Bhagat <dvb () users sourceforge net>
Date: Sat, 23 Nov 2002 00:03:46 +0530
On 20/11/02 18:49 +0100, Johan Denoyer wrote:
we are currently looking into illegal usage of a protected network. We are
managing a class C network, and we would like to be able to detect illegal
usage of the network by finding the MAC address of the ip address used and
then checking it against a database.
This is a bad idea. Use the generic concept of a firewall and allow only
selected MAC addresses to be active on the network.
You could script up some iptables rules for these, and a rule to DROP
and LOG all other MAC addresses. The ruleset can be built automatically
from a database.