找回密码
 注册

QQ登录

只需一步,快速开始

搜索
查看: 7439|回复: 4

mono 外网的网关ip 和mac 地址怎么绑?

[复制链接]
发表于 2006-5-7 14:57:53 | 显示全部楼层 |阅读模式

马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。

您需要 登录 才可以下载或查看,没有账号?注册

×
搜过了 不过大多讲的是内网绑定  外网的还没有发现.dhcp server 下面的的+也试过了  提示说必须是一个内网ip     请高手指点

ay 7 06:58:14 /kernel: arp: 218.200.128.129 moved from 00:e0:4c:7f:c1:bc to 00:e0:52:15:80:a0 on fxp1
May 7 06:58:14 /kernel: arp: 218.200.128.129 moved from 00:e0:52:15:80:a0 to 00:e0:4c:7f:c1:bc on fxp1





Apr 19 08:10:11 /kernel: arp: 218.200.128.129 moved from 00:0f:3d:80:45:5b to 00:e0:52:15:80:a0 on fxp1
Apr 19 08:10:13 /kernel: arp: 218.200.128.129 moved from 00:e0:52:15:80:a0 to 00:0f:3d:80:45:5b on fxp1

上面的网络环境 真的搞不下去了

[ 本帖最后由 daobiao 于 2006-5-7 15:41 编辑 ]
routeros
发表于 2006-5-8 11:13:48 | 显示全部楼层
与外网的方法一样,用arp -s ip mac
routeros
回复

使用道具 举报

 楼主| 发表于 2006-5-9 11:17:27 | 显示全部楼层
原帖由 wuxj 于 2006-5-8 11:13 发表
与外网的方法一样,用arp -s ip mac


在网吧客户机上绑吗? 行不行哦!
真希望上面的东东可以直接敲到mono里面去


16.6. Does m0n0wall support MAC address filtering?
Short answer: Not yet. (i.e. you cannot specify MAC addresses in firewall rules)

Long answer: There are several "hacks" you may be able to use to achieve the desired end result.

Note
There is no bulletproof method of access control by MAC address. Keep in mind that MAC addresses are easy to change and spoof.
16.6.1. Using Captive Portal and MAC pass-through
You can utilize Captive Portal and its MAC pass-through functionality for rudimentary MAC address restrictions.

Enable Captive Portal on the desired interface (e.g. LAN) at the Services -> Captive Portal screen. Create a HTML page of your liking that does not include the submit button so the user cannot authenticate with the captive portal. Other settings can all be left at their defaults.
Click the "Pass-through MAC" tab on the Captive Portal screen. Click the + to start adding permitted MAC addresses. In the MAC address box, type in the six hex octets separated by colons (e.g. ab:cd:ef:12:34:56), optionally (but recommended) enter a description, and click Save. Repeat for every authorized host on your network.
16.6.2. Using DHCP reservations and firewall rules
First, set up your DHCP scope. At the bottom of the Services -> DHCP screen, add every authorized MAC address on your network, and check the "Deny unknown clients" box. This will prevent an unauthorized machine from getting an IP address from DHCP.

16.6.3. Using Static ARP
You can ensure certain MAC addresses can only use a certain IP by using static ARP.

To add a static ARP entry, use /exec.php to run the arp command.

arp -s 192.168.1.11 ab:cd:ef:12:34:56
To verify this addition, run 'arp -a' in exec.php and you'll see the following in the list.

? (192.168.1.11) at ab:cd:ef:12:34:56 on sis2 [ethernet]
This change will not survive a reboot. You need to put the arp -s command in your config.xml in . See this FAQ entry for more information on hidden config.xml options



好像是可以敲进去的  不过我英文不是很好  一个是不知道在那里敲   第二它怎么也是内网ip?

[ 本帖最后由 daobiao 于 2006-5-9 11:34 编辑 ]
routeros
回复

使用道具 举报

发表于 2006-5-9 14:48:18 | 显示全部楼层
外网当然是绑在m0n0上,绑下边有啥用,可以下载config.xml后用
arp -s ip mac
固定下来
加在段内就行。
重新上传就OK了。
routeros
回复

使用道具 举报

 楼主| 发表于 2006-5-9 15:09:19 | 显示全部楼层
原帖由 wuxj 于 2006-5-9 14:48 发表
外网当然是绑在m0n0上,绑下边有啥用,可以下载config.xml后用
arp -s ip mac
固定下来
加在段内就行。
重新上传就OK了。



非常感谢   已经在改了
routeros
回复

使用道具 举报

您需要登录后才可以回帖 登录 | 注册

本版积分规则

QQ|Archiver|手机版|小黑屋|软路由 ( 渝ICP备15001194号-1|渝公网安备 50011602500124号 )

GMT+8, 2024-12-26 12:16 , Processed in 0.057335 second(s), 14 queries , Gzip On, Redis On.

Powered by Discuz! X3.5 Licensed

© 2001-2024 Discuz! Team.

快速回复 返回顶部 返回列表