quota and mac addresses

Report issues relating to bandwith monitoring, bandwidth quotas or QoS in this forum.

Moderator: Moderators

jooocker
Posts: 7
Joined: Thu Nov 26, 2015 8:16 pm

Re: quota and mac addresses

Post by jooocker »

Yes,, Just try connect from outsider MAC and static ip 192.168.1.11 witch have quota.


Blocking not working because of quota give allowance to MAC.

I think the ideal solution it by set option "block all clients not assigned from to gargoyle DHCP server"


try it, and tell me if i am wrong.

Thanks

Tareq
Posts: 58
Joined: Mon Dec 14, 2015 6:56 am

Re: quota and mac addresses

Post by Tareq »

Need to block all static MACs except the MACs in the assigned list.
TP-LINK WR841N. V8.4 | Gargoyle 1.9 | South Yemen

nworbnhoj
Posts: 914
Joined: Mon Jul 21, 2014 10:08 am
Location: Australia
Contact:

Re: quota and mac addresses

Post by nworbnhoj »

As discussed, Gargoyle already has an option to
"Block MAC addresses assigned a static IP that connect from a different IP".

jooocker wrote:"block all clients not assigned from to gargoyle DHCP server"
This is easy enough to develop, but the DHCP server will hand out an IP address to anybody who asks for one!

Tareq wrote:block all static MACs except the MACs in the assigned list
Once Known Devices is (hopefully) incorporated into Gargoyle you will be able to create a list of all Known Devices identified by their MAC address.
viewtopic.php?f=7&t=7900&start=10#p33962
Then it will be relatively easy to develop "Block unknown devices"

I think probably this all should boil down to just two tick boxes:
Enforce dhcp assignments (static or dynamic) & Block unknown devices

Remember though, that the mischievous will figure out how to spoof MAC addresses.

When I was at uni we had a wonderful system admin who erected only rudimentary security barriers and took the attitude that enquiring young minds who surmounted them were his best students (and gave them holiday jobs). We had a wow of a time ;-)
Can you help someone else get Gargoyle up and running?
TL-WDR3600 : Gargoyle 1.9.0 : NBN FixedWireless
TL-WR1043ND-V2 : Gargoyle 1.8.0 : 3G Huawei E160E

Tareq
Posts: 58
Joined: Mon Dec 14, 2015 6:56 am

Re: quota and mac addresses

Post by Tareq »

Great,

Enforce dhcp assignments
Mean , block any ip static that don't assigned from dhcp dynamic. Right?
TP-LINK WR841N. V8.4 | Gargoyle 1.9 | South Yemen

nworbnhoj
Posts: 914
Joined: Mon Jul 21, 2014 10:08 am
Location: Australia
Contact:

Re: quota and mac addresses

Post by nworbnhoj »

Gargoyle uses dnsmasq to provide dhcp services.

dnsmasq can be configured to provide a static IP address to some MACs and dynamic IP addresses to others. These assignments are recorded in /tmp/dhcp.leases

By "Enforce dhcp assignments" I mean if a MAC address turns up using an IP address different to the pairing recorded by dnsmasq in /tmp/dhcp.leases, then tell them to buzz off.

By "Block unknown devices" I mean that if the MAC address is not included in the list Known Devices specified by the Gargoyle admin, then tell them to buzz off.
Can you help someone else get Gargoyle up and running?
TL-WDR3600 : Gargoyle 1.9.0 : NBN FixedWireless
TL-WR1043ND-V2 : Gargoyle 1.8.0 : 3G Huawei E160E

Tareq
Posts: 58
Joined: Mon Dec 14, 2015 6:56 am

Re: quota and mac addresses

Post by Tareq »

Yes, i understand, that would be useful . :)
TP-LINK WR841N. V8.4 | Gargoyle 1.9 | South Yemen

nworbnhoj
Posts: 914
Joined: Mon Jul 21, 2014 10:08 am
Location: Australia
Contact:

Re: quota and mac addresses

Post by nworbnhoj »

nworbnhoj wrote:By "Enforce dhcp assignments" I mean if a MAC address turns up using an IP address different to the pairing recorded by dnsmasq in /tmp/dhcp.leases, then tell them to buzz off.

This bit has been done and will be in the next release :-)
Can you help someone else get Gargoyle up and running?
TL-WDR3600 : Gargoyle 1.9.0 : NBN FixedWireless
TL-WR1043ND-V2 : Gargoyle 1.8.0 : 3G Huawei E160E

Tareq
Posts: 58
Joined: Mon Dec 14, 2015 6:56 am

Re: quota and mac addresses

Post by Tareq »

nworbnhoj wrote:This bit has been done and will be in the next release


Maybe next release will be late, so can you give me the code of files which i will edit to get this feature.

Forget it, If this take a lot of your time.
TP-LINK WR841N. V8.4 | Gargoyle 1.9 | South Yemen

nworbnhoj
Posts: 914
Joined: Mon Jul 21, 2014 10:08 am
Location: Australia
Contact:

Re: quota and mac addresses

Post by nworbnhoj »

Tareq wrote:Maybe next release will be late, so can you give me the code of files which i will edit to get this feature.
You can find the 3 files here https://github.com/ericpaulbishop/gargo ... /440/files
Can you help someone else get Gargoyle up and running?
TL-WDR3600 : Gargoyle 1.9.0 : NBN FixedWireless
TL-WR1043ND-V2 : Gargoyle 1.8.0 : 3G Huawei E160E

Tareq
Posts: 58
Joined: Mon Dec 14, 2015 6:56 am

Re: quota and mac addresses

Post by Tareq »

Thank you, i will try it.
TP-LINK WR841N. V8.4 | Gargoyle 1.9 | South Yemen

Post Reply