Total Pageviews
Banner 125x125 Or 125 x 250
Only
$1 / Month
Contact Me Via Email At: tikimedia@yahoo.com
Recent Comments
Follow by Email
Popular Posts
-
Bookmark how to insert code that appears in each post. The interesting thing is that many of the bloggers wrong in choosing the code so that... -
The new facility is more than blogger.com Scheduled Posts, with the facility Scheduled Posts (Scheduled Posts) we will be facilitated throug... -
The Importance of Referrer Logs This fascinating thrill ride is filled with all the twists and turns of exciting information, so be sure to ...
-
Are you feeling if your PC is experiencing slow performance? That may be because your windows registry in need of cleaning. There are many t...
-
We have numerous other articles written on this very subject. Each one tackles a different aspect of this complex topic. Making solid that y...
-
Turkish Prime Minister Recep Tayyip Erdogan vowed to respond to attack Kurdish rebels who killed 13 Turkish troops. Kurdish rebels had kill...
-
On World Malaria Day is commemorated 25 April the world is reminded of malaria remains a major public health problem. More than 500 million...
-
Tea beneficial for health. Benefits include tea as an antioxidant, repairing damaged cells, smooth skin, slim body, prevent cancer, prevent ...
-
Chelsea continued to hunt the player, in order to increase the strength squad Andre Villas-Boas. Rumored that one of the game players are wi...
-
The new findings for neck pain. Healing neck pain is usually done with physiotherapy, massage and pain-reducing medication. But now a new me...
Recent Post
Review
Health
Female
International
Internet
Blog Archive
-
►
2012
(120)
-
►
May
(50)
- issue of Syria Could Be The debate in the U.S. Pre...
- Web Design Services
- Capcom Promises Faster Production of a New Game
- Former Japanese Prime Problem Fukushima Questioned...
- Iran Announces New Nuclear Plant Development
- Juve Suggested Take Gattuso
- Defeat Estonia, Bilic fact Confused
- Chong Wei Time Only Have Two Weeks
- opponent Bontang, Momentum Resurrection Persijap
- Nurse The Ideal Nurse Is Good
- "Myanmar military Do Crime Humanity"
- Mazda and Alfa Duet Design New MX-5
- German Chancellor cornered, The Strong Opposition
- Payday Game: The Heist & Left 4 Dead Will Collabor...
- Everest climbers. Increased So who killed 3 people...
- Spurs Make a note of victory to 17
- Walcott be sold?
- June, Rayman Origins 3DS Version Launched
- Pierfilippo: Not Contacted Capello Chelsea
- "Ghost" Arrested Drug
- "Black List" Bayern ala Lampard
- Djokovic and Murray Skip Adangan Prime
- New Ferrari Enzo Priced Rp7, 7 M
- 32 Killed in Latest Violence in Yemen
- Keep Malaysia Clean Protest leader "terrorized"
- Earthquake rattles Chile
- Lotus Evora GTC, the Successor Enduro GT4
- want Buried, Hamdi "Life Again"
- Market Price Information About Cars
- Pep Confident Villa Can Shown in Euro 2012
- Nokia Lumia 900 Defeat HTC One X
- Egyptian Candidates Debate Broadcast First
- Senner Tuning Nissan Juke Make More Powerful
- Success in online business
- Bond Aviation Fleet Allow EC135 Heli Fly Again
- Selection Of Proper Business
- Large chance to profit
- A way to appear on the website Pageone seo
- Sharapova and Azarenka Drove
- Three Formulas Children's Room Organizing Strategi...
- Samsung Show off Windows Phone Focus 2
- Commemorating 70 Years Doolittle Attacks
- Lakers After staying one step
- Difficult Open Bottle Caps, Use iPad Charger
- Nine Athletes to Championship Grand Prix Asia
- Suspected Russian Space Program sabotaged
- Microsoft SQL Server Adopted PT Adaro Energy
-
►
May
(50)
My Friends
Since there is an interesting question from one member of a mailing list that I follow, what if our clients numbered many tens or hundreds. The important thing is, we have a list of IP Address and MAC Address client is connected. By using a few simple lines of bash script, we can make the automation.
Here are the steps:
1. Create a file called rc.iplock in the directory / etc / rc.d / with the following contents:
#! / Bin / bash
# Bash script Lock, IP Address and MAC Address
iptables = "/ sbin / iptables" # path to iptables
files = "/ etc / rc.d / list.txt" # path to list the IP Address and MAC Address
device = "eth1" # ethernet devices to the client
lockall = "yes" # yes | no, yes if you register all of the IP & MAC Address
# If not, write no.
# Yes to the first method, no to the second method
if [$ lockall = "yes"]; then
$ Iptables-I PREROUTING-t nat-i $ device-j DROP
cat $ files | while read ip_address mac_address; do
$ Iptables-I PREROUTING-t nat-i $-s $ ip_address devices
-M mac - mac-source $ mac_address-j ACCEPT
$ Iptables-I FORWARD-i $ device-s! $ Ip_address
-M mac - mac-source $ mac_address-j DROP
$ Iptables-t nat-I PREROUTING-s! $ Ip_address
-M mac - mac-source $ mac_address-j DROP
done
Elif [$ lockall = "no"], then
$ Iptables-I PREROUTING-t nat-i $ device-j ACCEPT
cat $ files | while read ip_address mac_address; do
$ Iptables-I FORWARD-i $ device-s! $ Ip_address
-M mac - mac-source $ mac_address-j DROP
$ Iptables-t nat-I PREROUTING-s! $ Ip_address
-M mac - mac-source $ mac_address-j DROP
done
fi
echo "Locking IP address and Mac Address ..."
# End script
2. Create a file called list.txt in the directory / etc / rc.d / with the format of writing as follows:
" onmouseover="this.style.backgroundColor='#ebeff9'" onmouseout="this.style.backgroundColor='#fff'">
Warning! Do not add any lines or anything other than the format of the above sentence!
Example contents of / etc / rc.d / list.txt for three clients:
192.168.1.5 00:89: CD: 64:01: EF
192.168.1.20 00:90: DD: 14:11: CF
192.168.1.14 00:40: EE: 21:26: GE
3. Set file rc.iplock order in execution:
chmod + x / etc / rc.d / rc.iplock
4. Add in the file / etc / rc.d / rc.local in order to be executed at start-up:
/ Etc / rc.d / rc.iplock
5. Run:
/ Etc / rc.d / rc.iplock
6. Done! Congratulations you can star = P
Here are the steps:
1. Create a file called rc.iplock in the directory / etc / rc.d / with the following contents:
#! / Bin / bash
# Bash script Lock, IP Address and MAC Address
iptables = "/ sbin / iptables" # path to iptables
files = "/ etc / rc.d / list.txt" # path to list the IP Address and MAC Address
device = "eth1" # ethernet devices to the client
lockall = "yes" # yes | no, yes if you register all of the IP & MAC Address
# If not, write no.
# Yes to the first method, no to the second method
if [$ lockall = "yes"]; then
$ Iptables-I PREROUTING-t nat-i $ device-j DROP
cat $ files | while read ip_address mac_address; do
$ Iptables-I PREROUTING-t nat-i $-s $ ip_address devices
-M mac - mac-source $ mac_address-j ACCEPT
$ Iptables-I FORWARD-i $ device-s! $ Ip_address
-M mac - mac-source $ mac_address-j DROP
$ Iptables-t nat-I PREROUTING-s! $ Ip_address
-M mac - mac-source $ mac_address-j DROP
done
Elif [$ lockall = "no"], then
$ Iptables-I PREROUTING-t nat-i $ device-j ACCEPT
cat $ files | while read ip_address mac_address; do
$ Iptables-I FORWARD-i $ device-s! $ Ip_address
-M mac - mac-source $ mac_address-j DROP
$ Iptables-t nat-I PREROUTING-s! $ Ip_address
-M mac - mac-source $ mac_address-j DROP
done
fi
echo "Locking IP address and Mac Address ..."
# End script
2. Create a file called list.txt in the directory / etc / rc.d / with the format of writing as follows:
Example contents of / etc / rc.d / list.txt for three clients:
192.168.1.5 00:89: CD: 64:01: EF
192.168.1.20 00:90: DD: 14:11: CF
192.168.1.14 00:40: EE: 21:26: GE
3. Set file rc.iplock order in execution:
chmod + x / etc / rc.d / rc.iplock
4. Add in the file / etc / rc.d / rc.local in order to be executed at start-up:
/ Etc / rc.d / rc.iplock
5. Run:
/ Etc / rc.d / rc.iplock
6. Done! Congratulations you can star = P
0 Comments for Automation of IP and MAC Address firewalling with bash script
Leave a comment!