1 |
I have my WiFi network on a hostapd controlled 10.10.10.* range and my |
2 |
wired LAN on a 192.168.1.* range. |
3 |
|
4 |
I try to be a "nice guy" and leave the WiFi 'open' (no WEP) as it's |
5 |
segregated and I use some proper shorewall rules to route things nicely |
6 |
for my various privileged devices. Also, some WiFi devices I have just |
7 |
don't support WEP, and it's a real hassle to get others working with |
8 |
WEP. |
9 |
|
10 |
I don't mind the occasional person jumping on to check movie times or |
11 |
traffic or get email or whatever. I think bandwidth should be free for |
12 |
everyone and it is sure a life saver when you need to quickly get online |
13 |
for something. |
14 |
|
15 |
Anyways, sometimes I have stupid neighbors who don't quite "get it" and |
16 |
will just blindly let their computers connect to my WAP. UGH! They sit |
17 |
on it for hours and days and generally piss me off. |
18 |
|
19 |
How can I boot someone off my network? I usually add them to my |
20 |
shorewall blacklist file, and then: |
21 |
|
22 |
/etc/init.d/dhcp restart |
23 |
/etc/init.d/shorewall restart |
24 |
|
25 |
But I still see them on there it seems. |
26 |
http://daevid.com/examples/dhcp |
27 |
(essentially it's doing an 'arp -n' and then I parse that info and make |
28 |
it pretty) |
29 |
|
30 |
daevid dhcp # arp -n |
31 |
Address HWtype HWaddress Flags Mask |
32 |
Iface |
33 |
10.10.10.7 ether 00:06:25:12:4A:D8 C |
34 |
wlan0 |
35 |
10.10.10.27 ether 00:19:7E:C5:02:AB C |
36 |
wlan0 |
37 |
67.168.160.1 ether 00:01:5C:23:D7:02 C |
38 |
eth0 |
39 |
10.10.10.69 ether 00:02:6F:21:DF:5C C |
40 |
wlan0 |
41 |
192.168.1.18 ether 00:0C:F1:A8:F7:F3 C |
42 |
eth1 |
43 |
|
44 |
I googled and found this little nugget that I thought would work: |
45 |
http://www.linuxforums.org/forum/linux-newbie/5752-dhcpd-iptables-deny-m |
46 |
ac-addresses.html |
47 |
|
48 |
# iptables -A FORWARD -m mac --mac-source 00:19:7E:C5:02:AB -j DROP |
49 |
|
50 |
But I still see this squatter. And I can feel my network being sluggish |
51 |
as they're probably downloading a lot of stuff. |
52 |
|
53 |
-- |
54 |
gentoo-user@g.o mailing list |