IP-MAC records

cyb.0rg · Fri Sep 16, 2005 3:40 am

Hi ALL !

Is it possible to control IP-MAC records ?
Is it possible to close ALL connections for user who changed IP ?
Is it possible to log it ?
thx

Fri Sep 16, 2005 9:57 am

you canconfigure ARP table, by adding static entries (IP address, MAC-address, interface host connected).

Than user, who have specific MAC-address, uses specific IP address.

cyb.0rg · Fri Sep 16, 2005 2:09 pm

i know it, but is it really works ? if somebody change IP he can't have any connections ?
remain : is it possible to log changing IP or mac ?

Fri Sep 16, 2005 2:16 pm

yes, it works.
if somebody with wrong IP address regarding to MAC (entries in ARP table) tries to connect trough the Router, he(she, any other) can not.

One way, how to catch to configure firewall rules, which restrict connections by mac and IP, then log and drop others.
See information in the logs.

Configuration with ARP table works faster.

yancho · Fri Sep 16, 2005 2:34 pm

yep it works
for ip changes log you can use something like:

/ip firewall rule forward
add src-address=!x.x.x.x/32 src-mac-address=xx:xx:xx:xx:xx:xx action=drop log=yes

but this code don't log mac changes

for log mac changes, i guess this should help:

/ip firewall rule forward
add src-address=x.x.x.x/32 src-mac-address=!xx:xx:xx:xx:xx:xx action=drop log=yes

syntax for routeros version 2.8

p.s. sergejs is too fast for me ;)

Fri Sep 16, 2005 2:40 pm

It is recommendable to use ARP.

If you want to use firewall and loggind rules, than 2.9 version has some changes.
To log and execute some action, you will need two rules,
one logging rule, and than action rule after it.

If you have problems with security in your network, may be try to configure HotSpot ?

sten · Fri Sep 16, 2005 5:11 pm

Static arp leaves your network vulnerable to many problems.

IP-MAC records

IP-MAC records

Who is online