Gentoo Archives: gentoo-user

From: Mick <michaelkintzios@×××××.com>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] OT: how do I kick a MAC address off my hostapd WiFi network?
Date: Wed, 10 Oct 2007 20:20:49
Message-Id: 200710102037.21161.michaelkintzios@gmail.com
In Reply to: Re: [gentoo-user] OT: how do I kick a MAC address off my hostapd WiFi network? by Ow Mun Heng
1 On Wednesday 10 October 2007, Ow Mun Heng wrote:
2 > On Wed, 2007-10-10 at 10:10 +0200, Alan McKinnon wrote:
3 > > On Wednesday 10 October 2007, Daevid Vincent wrote:
4 > > > Anyways, sometimes I have stupid neighbors who don't quite "get it"
5 > > > and will just blindly let their computers connect to my WAP. UGH!
6 > > > They sit on it for hours and days and generally piss me off.
7 > > >
8 > > > How can I boot someone off my network? I usually add them to my
9 > > > shorewall blacklist file, and then:
10 > >
11 > > You run dhcp? Just exclude that MAC address from getting a lease.
12 > >
13 > > No IP address = no route = problem solved
14 > >
15 > > For a second level of teach-them-a-lessonness, iptables has a 'mac'
16 > > extension. Use that to match the MAC address and DROP all patches in
17 > > your outgoing firewall FORWARD chain
18 >
19 > Better yet.. redirect them to a (random) page that shows everything
20 > about cats.
21 >
22 > I read this one from google.
23
24 Since you mention Google, I remember reading about a NASA style AP
25 authentication which may be of interest to the OP:
26
27 Essentially you run a web server with SSL authentication so that only users
28 who authenticate with user name/passwd that you have provided, are issued
29 with an IP address by your dhcp server. In this way you can control who's
30 using your bandwidth; what they use it for; e.g. only mail; or mail & http;
31 etc. If you are interested in providing this as a service then you issue
32 usernames/passwds to applicants via email. Additionally, you can run QoS and
33 throttle http, or bitorrent (ab)users, a proxy caching server, and what not.
34
35 PS. Where I live I have to pay for bandwidth (although where I currently work
36 I don't). So your concept of offering bandwidth for free seems somewhat
37 strange to me. Furthermore, I would be concerned what different people may
38 be using the Internet for and what trouble I could get into, for being the
39 registered owner of the particular public IP address. That said, I would
40 looove being your neighbor! :)
41 --
42 Regards,
43 Mick

Attachments

File name MIME type
signature.asc application/pgp-signature