authenicate internet access through MACs

Ali Jawad alijawad1 at gmail.com
Sun Oct 22 17:00:51 CEST 2006


Hi
Ive got a debian router and a switch through which I provide internet
access to some of the residents of my building...I want to implement a
mechanism so that only the computers I specify can access the
Internet...I could do it through squid but if I do so it would allow
me only to restrict traffic going through port 80 what about Internet
applications that use other ports such as ftp, smtp, yahoo and msn. I
want to use a mechanism that allows me to authenicate PCs based on mac
address and only those computers are allowed to access the internet.
One particular solution could be blocking all access to the router
unless the request have the source mac from an authorised PC..but I
would prefer another approach if available...since Iam not going to
operate the router..and the firewall script was written using VIM and
the oprerator needs a web interface to operate the router.

I ve got a freeradius server setup and running on the router with the
dialup admin interface..I have done this setup previoulsy with pppoe
and freeradius.
I can not use pppoe this time..so I would like to know if there is a
mechanism that allows me to redirect all the requests coming to the
router through radius and access is granted upon the authenication
info found in the radius database. I use to do that by loading
radius.so each time a request to the pppoe server is made by including
radius.so in the pppoe.options file..but I have no clue on how to do
it this time.

Any suggestions are welcome

-- 
With Regards Ali Jawad



More information about the Freeradius-Users mailing list