| 1 |
On Wednesday 10 October 2007, Ow Mun Heng wrote: |
| 2 |
> On Wed, 2007-10-10 at 10:10 +0200, Alan McKinnon wrote: |
| 3 |
> > On Wednesday 10 October 2007, Daevid Vincent wrote: |
| 4 |
> > > Anyways, sometimes I have stupid neighbors who don't quite "get it" |
| 5 |
> > > and will just blindly let their computers connect to my WAP. UGH! |
| 6 |
> > > They sit on it for hours and days and generally piss me off. |
| 7 |
> > > |
| 8 |
> > > How can I boot someone off my network? I usually add them to my |
| 9 |
> > > shorewall blacklist file, and then: |
| 10 |
> > |
| 11 |
> > You run dhcp? Just exclude that MAC address from getting a lease. |
| 12 |
> > |
| 13 |
> > No IP address = no route = problem solved |
| 14 |
> > |
| 15 |
> > For a second level of teach-them-a-lessonness, iptables has a 'mac' |
| 16 |
> > extension. Use that to match the MAC address and DROP all patches in |
| 17 |
> > your outgoing firewall FORWARD chain |
| 18 |
> |
| 19 |
> Better yet.. redirect them to a (random) page that shows everything |
| 20 |
> about cats. |
| 21 |
> |
| 22 |
> I read this one from google. |
| 23 |
|
| 24 |
Since you mention Google, I remember reading about a NASA style AP |
| 25 |
authentication which may be of interest to the OP: |
| 26 |
|
| 27 |
Essentially you run a web server with SSL authentication so that only users |
| 28 |
who authenticate with user name/passwd that you have provided, are issued |
| 29 |
with an IP address by your dhcp server. In this way you can control who's |
| 30 |
using your bandwidth; what they use it for; e.g. only mail; or mail & http; |
| 31 |
etc. If you are interested in providing this as a service then you issue |
| 32 |
usernames/passwds to applicants via email. Additionally, you can run QoS and |
| 33 |
throttle http, or bitorrent (ab)users, a proxy caching server, and what not. |
| 34 |
|
| 35 |
PS. Where I live I have to pay for bandwidth (although where I currently work |
| 36 |
I don't). So your concept of offering bandwidth for free seems somewhat |
| 37 |
strange to me. Furthermore, I would be concerned what different people may |
| 38 |
be using the Internet for and what trouble I could get into, for being the |
| 39 |
registered owner of the particular public IP address. That said, I would |
| 40 |
looove being your neighbor! :) |
| 41 |
-- |
| 42 |
Regards, |
| 43 |
Mick |
Archives