IP-MAC records
Posted: Fri Sep 16, 2005 3:40 am
by cyb.0rg
Hi all!
Is it possible to control IP-MAC records?
Is it possible to close all connections for a user who changed IP?
Is it possible to log it?
thx
Posted: Fri Sep 16, 2005 9:57 am
by sergejs
You can configure the ARP table by adding static entries (IP address, MAC address, interface the host is connected to).
Then the user who has a specific MAC address uses a specific IP address.
Posted: Fri Sep 16, 2005 2:09 pm
by cyb.0rg
I know that, but does it really work? If somebody changes IP, he can't have any connections?
What remains: is it possible to log a change of IP or MAC?
Posted: Fri Sep 16, 2005 2:16 pm
by sergejs
Yes, it works.
If somebody with the wrong IP address for their MAC (per the entries in the ARP table) tries to connect through the router, he (she, anyone else) cannot.
One way to catch it is to configure firewall rules that restrict connections by MAC and IP, then log and drop the others.
See the information in the logs.
Configuration with the ARP table works faster.
Posted: Fri Sep 16, 2005 2:34 pm
by yancho
Yep, it works.
To log IP changes you can use something like:
/ip firewall rule forward
add src-address=!x.x.x.x/32 src-mac-address=xx:xx:xx:xx:xx:xx action=drop log=yes
But this code doesn't log MAC changes.
To log MAC changes, I guess this should help:
/ip firewall rule forward
add src-address=x.x.x.x/32 src-mac-address=!xx:xx:xx:xx:xx:xx action=drop log=yes
The syntax is for RouterOS version 2.8.
P.S. sergejs is too fast for me ;)
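The following Python code, added here and not posted by anyone in the thread, applies the same two tests as the rules above to a static binding table and also marks the pairs that neither per-host rule would match. The binding table, the addresses and all function names are constructed for illustration.

```python
# Added example: classify observed (IP, MAC) pairs against static bindings.
# Every address below is a constructed sample value.
from typing import NamedTuple

class Finding(NamedTuple):
    ip: str
    mac: str
    verdict: str   # "ok", "ip-changed", "mac-changed" or "unbound"
    detail: str

def normalize_mac(mac: str) -> str:
    """Lower-case and use ':' so 00-11-22-AA-BB-01 equals 00:11:22:aa:bb:01."""
    digits = mac.lower().replace("-", "").replace(":", "").replace(".", "")
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def classify(bindings: dict[str, str], ip: str, mac: str) -> Finding:
    mac = normalize_mac(mac)
    by_ip = {i: normalize_mac(m) for i, m in bindings.items()}
    by_mac = {m: i for i, m in by_ip.items()}
    if by_ip.get(ip) == mac:
        return Finding(ip, mac, "ok", "matches binding")
    if mac in by_mac:
        # Same test as the first rule: bound MAC, source address is not its IP.
        return Finding(ip, mac, "ip-changed", f"MAC is bound to {by_mac[mac]}")
    if ip in by_ip:
        # Same test as the second rule: bound IP, source MAC is not its MAC.
        return Finding(ip, mac, "mac-changed", f"IP is bound to {by_ip[ip]}")
    # Neither per-host rule matches; only a final "drop others" rule sees this.
    return Finding(ip, mac, "unbound", "no binding for this IP or MAC")

BINDINGS = {"192.168.0.10": "00:11:22:AA:BB:01",
            "192.168.0.11": "00:11:22:AA:BB:02"}
OBSERVED = [
    ("192.168.0.10", "00-11-22-aa-bb-01"),  # correct pair
    ("192.168.0.50", "00:11:22:aa:bb:01"),  # bound MAC on a new IP
    ("192.168.0.11", "00:11:22:aa:bb:99"),  # bound IP from a new MAC
    ("192.168.0.11", "00:11:22:aa:bb:01"),  # bound MAC on another host's IP
    ("192.168.0.77", "00:11:22:aa:bb:77"),  # neither value is bound
]

def run_sample() -> list[Finding]:
    return [classify(BINDINGS, ip, mac) for ip, mac in OBSERVED]

if __name__ == "__main__":
    for f in run_sample():
        print(f"{f.verdict:12} {f.ip:15} {f.mac}  {f.detail}")
```

The last sample pair is the case that needs the "log and drop others" rule mentioned earlier in the thread, since it matches neither per-host rule.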
Posted: Fri Sep 16, 2005 2:40 pm
by sergejs
It is recommended to use ARP.
If you want to use firewall and logging rules, then version 2.9 has some changes.
To log and execute some action, you will need two rules:
one logging rule, and then an action rule after it.
If you have problems with security in your network, maybe try to configure HotSpot?
Posted: Fri Sep 16, 2005 5:11 pm
by sten
Static ARP leaves your network vulnerable to many problems.