1 |
On Wednesday 10 October 2007, Ow Mun Heng wrote: |
2 |
> On Wed, 2007-10-10 at 10:10 +0200, Alan McKinnon wrote: |
3 |
> > On Wednesday 10 October 2007, Daevid Vincent wrote: |
4 |
> > > Anyways, sometimes I have stupid neighbors who don't quite "get it" |
5 |
> > > and will just blindly let their computers connect to my WAP. UGH! |
6 |
> > > They sit on it for hours and days and generally piss me off. |
7 |
> > > |
8 |
> > > How can I boot someone off my network? I usually add them to my |
9 |
> > > shorewall blacklist file, and then: |
10 |
> > |
11 |
> > You run dhcp? Just exclude that MAC address from getting a lease. |
12 |
> > |
13 |
> > No IP address = no route = problem solved |
14 |
> > |
15 |
> > For a second level of teach-them-a-lessonness, iptables has a 'mac' |
16 |
> > extension. Use that to match the MAC address and DROP all patches in |
17 |
> > your outgoing firewall FORWARD chain |
18 |
> |
19 |
> Better yet.. redirect them to a (random) page that shows everything |
20 |
> about cats. |
21 |
> |
22 |
> I read this one from google. |
23 |
|
24 |
Since you mention Google, I remember reading about a NASA style AP |
25 |
authentication which may be of interest to the OP: |
26 |
|
27 |
Essentially you run a web server with SSL authentication so that only users |
28 |
who authenticate with user name/passwd that you have provided, are issued |
29 |
with an IP address by your dhcp server. In this way you can control who's |
30 |
using your bandwidth; what they use it for; e.g. only mail; or mail & http; |
31 |
etc. If you are interested in providing this as a service then you issue |
32 |
usernames/passwds to applicants via email. Additionally, you can run QoS and |
33 |
throttle http, or bitorrent (ab)users, a proxy caching server, and what not. |
34 |
|
35 |
PS. Where I live I have to pay for bandwidth (although where I currently work |
36 |
I don't). So your concept of offering bandwidth for free seems somewhat |
37 |
strange to me. Furthermore, I would be concerned what different people may |
38 |
be using the Internet for and what trouble I could get into, for being the |
39 |
registered owner of the particular public IP address. That said, I would |
40 |
looove being your neighbor! :) |
41 |
-- |
42 |
Regards, |
43 |
Mick |