| View previous topic :: View next topic |
| Author |
Message |
WhoaMan
n00b
Joined: 28 May 2006
Posts: 2
Location: Idaho Falls, Idaho
|
 Posted: Sun May 28, 2006 4:57 pm Post subject: advacned router/gateway questions |
 |
|
I would like to setup a gentoo router that will do one of two things based on the MAC address of the client computer. i would like to have the dhcpd look up the MAC address in an SQL table, if it is found in the table then i would like it to issue an ip address in the 192.168.0 class and allow them to connect to internet thru the gateway. if the MAC address is not found, i would like it to issue an IP in the 192.168.1 class and direct all port 80 traffic to a page asking for a username and password.... when a valid username and password is submited it will let them reboot and connect in the 192.168.0 class. I have been looking around for information on how to setup such a system but i am not all to sure where to look or what to look for. does anyone have any pointers or guides?
thanks:) |
|
| Back to top |
|
 |
tutaepaki
Apprentice
Joined: 10 Nov 2003
Posts: 264
Location: New Zealand
|
| Posted: Sun May 28, 2006 10:34 pm Post subject: |
|
|
I don't know if dhcpd will look up a DB directly, so you will probably have to do this in 2 pieces.
one piece would be a script which runs every x minutes and gets the MAC addresses from the DB, and recreates the DHCPD.conf file. The dhcpd.conf file would have a bunch of static assignments for the known MACs in the 192.168.0 network, and a dynamic pool of 192.168.1 for everything else. e.g.
| Code: | subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.2 192.168.1.253;
}
# Static addresses
host host1 {
hardware ethernet xx:xx:xx:xx:xx:xx;
fixed-address 192.168.0.2;
}
host host2 {
hardware ethernet xx:xx:xx:xx:xx:xx;
fixed-address 192.168.0.3;
}
|
Then, in iptables, you'd want a rule in the PREROUTING chain to redirect all traffic from the 192.168.1 network to your web page. e.g.
| Code: | | iptables -t nat -I PREROUTING -i eth0 -s 192.168.1.0/24 -j DNAT --to ip:80 |
And finally, your little web page to authenticate and then update the MAC tables in your DB. This could just as easily be a flat text file.
sounds like a neat idea, I just deny internet access to any MAC address not in my dhcpd.conf file  |
|
| Back to top |
|
|
WhoaMan
n00b
Joined: 28 May 2006
Posts: 2
Location: Idaho Falls, Idaho
|
| Posted: Tue May 30, 2006 1:04 am Post subject: |
|
|
| thanks for the input, for what i need.... i think i will just have to edit dhcpd and a few other things to get data and store data in an SQL database... the biggest reason for this is that when a username/password is enteterd to register the mac address.... i need to have a way to pair it up with the IP address... the easiest way i can think of is to store the DHCP lease information in the database and have webscript lookup the MAC using the IP address. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
