Summary: In this article i tried to explain how to block unauthorized users permanently to live without Internet within the office.
I have installed a squid 2.7 transparently and also implemented sarg for reports. but i am facing a problem here. i have configure my network users in dhcp.conf. but there are some other users appears in my sarg reports with a heavy downloads. I want to block unauthorized users permanently and will have to open their access when they will have approved permission from higher management.
now i have to do some thing specials for these guys.
i am going to invite them on lunch.
i just open terminal on my server, and run the command
I found all the MAC Address and IP Address. I do have a MAC table of my network users.
Then i copy all the MAC address that are not listed in my MAC table and create another file for them, past all with in a file.
After that i open the terminal and run the following commands to:
To check my iptables Rules:
Then Run the command to block each MAC user that i have in newly created file.Executing the following two commands repeatedly for each user.
iptables -A INPUT -m mac –mac-source 00:xx:6b:xx:05:xx -j DROP
iptables -A FORWARD -m mac –mac-source 00:xx:6b:xx:05:xx -j DROP
then check out the command
All the unauthorized users are blocked now.
If i want to give access to some one later on i will have to follow the simple steps.
iptables -D INPUT -m mac –mac-source 00:xx:6b:xx:05:xx -j DROP
iptables -D FORWARD -m mac –mac-source 00:xx:6b:xx:05:xx -j DROP
service iptables-save to check the specific entry is deleted from IPTABLES-RULES.
Now the Users are authorized and can access the Internet.
Now who is going to pay for lunch. Don’t worry i am going to pay.