I have a network that allows anonymous people use the open wifi network. Because of the nature of this organization they content filter the connection and would like to permanently block people who abuse this connection. I currently use the maclist and have they disposition set to accept. This generates many log entrys when someone uses this connection and does not tell me if this person has tried to connect(That I have seen). It appears that a drop rule would best meet my needs would be: DROP:info wifi:~00-16-cb-bf-8e-fa all all I would probaly make this a list of mac address in the params. Would this be efficent, reasonable, and recomended? Is there a better way? ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
Todd Johnson wrote:> It appears that a drop rule would best meet my needs would be: > DROP:info wifi:~00-16-cb-bf-8e-fa all all > > I would probaly make this a list of mac address in the params. > > Would this be efficent, reasonable, and recomended? Is there a better > way?In Shorewall 3.2, the maclist file has been extended to allow specification of a DISPOSITION on each rule. I would recommending using that approach. -Tom Note: While the comments in the file don''t mention it, the DISPOSITION may be followed by ":" and a log level. See http://shorewall.net/MAC_Validation.html. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
Thank you Tom. Exactly what I was looking for. On Tue, 2006-12-12 at 07:10 -0800, Tom Eastep wrote:> Todd Johnson wrote: > > > It appears that a drop rule would best meet my needs would be: > > DROP:info wifi:~00-16-cb-bf-8e-fa all all > > > > I would probaly make this a list of mac address in the params. > > > > Would this be efficent, reasonable, and recomended? Is there a better > > way? > > In Shorewall 3.2, the maclist file has been extended to allow specification of a > DISPOSITION on each rule. I would recommending using that approach. > > -Tom > > Note: While the comments in the file don''t mention it, the DISPOSITION may be > followed by ":" and a log level. See http://shorewall.net/MAC_Validation.html. > > -Tom > ------------------------------------------------------------------------- > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net''s Techsay panel and you''ll get the chance to share your > opinions on IT & business topics through brief surveys - and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV