iptables question

smirn0ff · 04-11-2005, 07:25 AM

Hi,
my firewall is iptables...

I have a wLAN netwotk with corporate clients everyone with single IP.
I need to restrict users to view eachother ( the one client must NOT see the others).

I've tried some rules but anyone views the others.

I need advice from you.
10x

smirn0ff · 04-11-2005, 08:02 AM

someone help me?!?

aqoliveira · 04-11-2005, 11:34 AM

howzit

Give us some more to work with.

What protocol or service are u using to say that everyone can see each other? Or what method is being used to commnunicate with one another?

cheers

smirn0ff · 04-12-2005, 04:05 AM

I need this because:
1.This will be open wireless network(with NO auth)
2.when this is open wireless network enyone will connect to it and someone may sniff the others and hack them
3.the clients are corporations stuff and on the machines maybe is stored private info

I use Linksys WRT54G(this is wireless AP)...the WRT54G is based on linux and have iptables v1.2.11 like linux...

aqoliveira · 04-12-2005, 04:17 AM

Howzit

What u can do is limit the access by MAC Address to the access piont this will only allow those machines with those MAC address to connect.

cheers

chrisfirestar · 04-13-2005, 03:03 AM

im not sure if this can really be accomplished 100% but a good start is to allow clients access ONLY to the gateway.

the mac address method is also workable.. you use a command like this:

$IPTABLES -A INPUT -i $INSIDE -s 192.168.1.7 -m mac --mac-source 00:00:00:00:00:00 -j ACCEPT

but unfortunately users do can always set their gateway to something else. they wont have access to internet but I think can still browse to network resources.