As Gargoyle only has wireless MAC address filter but cannot block LAN MAC address, so if the user sets static IP and plug into LAN port they can use other people's quota. So I need solution to block the LAN MAC address, I mean LAN MAC address filter function.
Hope I have explained clearly. Thanks.
Loophole of quota function
Moderator: Moderators
Loophole of quota function
Buffalo WZR-HP-G300NH2 DD-WRT v24SP2-MULTI (10/31/11) std
Buffalo WZR-HP-G300NH Gargoyle 1.5.9+1f082daf
Linksys WRT54GL Gargoyle 1.4.4
TP-Link TL-WR1043ND Gargoyle 1.5.9+1f082daf
Buffalo WZR-HP-G300NH Gargoyle 1.5.9+1f082daf
Linksys WRT54GL Gargoyle 1.4.4
TP-Link TL-WR1043ND Gargoyle 1.5.9+1f082daf
Re: Loophole of quota function
I look for solution block the LAN MAC address, I mean LAN MAC address filter function. Only allow the list MAC address connecte on LAN port as well.
Thansk
Thansk
Buffalo WZR-HP-G300NH2 DD-WRT v24SP2-MULTI (10/31/11) std
Buffalo WZR-HP-G300NH Gargoyle 1.5.9+1f082daf
Linksys WRT54GL Gargoyle 1.4.4
TP-Link TL-WR1043ND Gargoyle 1.5.9+1f082daf
Buffalo WZR-HP-G300NH Gargoyle 1.5.9+1f082daf
Linksys WRT54GL Gargoyle 1.4.4
TP-Link TL-WR1043ND Gargoyle 1.5.9+1f082daf
Re: Loophole of quota function
Please stop posting the same thing in multiple forums. One post is quite sufficient -- otherwise it's spam.
If you do it again, I'll ban you.
If you do it again, I'll ban you.
Re: Loophole of quota function
Sorry about thisEric wrote:Please stop posting the same thing in multiple forums. One post is quite sufficient -- otherwise it's spam.
If you do it again, I'll ban you.
Buffalo WZR-HP-G300NH2 DD-WRT v24SP2-MULTI (10/31/11) std
Buffalo WZR-HP-G300NH Gargoyle 1.5.9+1f082daf
Linksys WRT54GL Gargoyle 1.4.4
TP-Link TL-WR1043ND Gargoyle 1.5.9+1f082daf
Buffalo WZR-HP-G300NH Gargoyle 1.5.9+1f082daf
Linksys WRT54GL Gargoyle 1.4.4
TP-Link TL-WR1043ND Gargoyle 1.5.9+1f082daf
Re: Loophole of quota function
I'd be interested in this too. But believe the only way to properly lock wired LAN is only by the use of a 'managed switch', and restrict mac addressing there.
Has anyone been able to do this via Gargoyle.
Thanks.
Has anyone been able to do this via Gargoyle.
Thanks.
Re: Loophole of quota function
The original poster on this thread was confused.
To "lock down" your LAN you need to assign static IP address based on MAC address for all the computers you wish to service. This is done on the connection DHCP screen.
Then check the box on the same screen labeled
"Block MAC addresses assigned a static IP that connect from a different IP"
Then quota rules for the IP addresses as you like and a catch all quota to pickup everyone else and do what you want with them.
To "lock down" your LAN you need to assign static IP address based on MAC address for all the computers you wish to service. This is done on the connection DHCP screen.
Then check the box on the same screen labeled
"Block MAC addresses assigned a static IP that connect from a different IP"
Then quota rules for the IP addresses as you like and a catch all quota to pickup everyone else and do what you want with them.
Linksys WRT1900ACv2
Netgear WNDR3700v2
TP Link 1043ND v3
TP-Link TL-WDR3600 v1
Buffalo WZR-HP-G300NH2
WRT54G-TM
Netgear WNDR3700v2
TP Link 1043ND v3
TP-Link TL-WDR3600 v1
Buffalo WZR-HP-G300NH2
WRT54G-TM
Re: Loophole of quota function
Hi Pbix, and thank you for your reply.
I have tried this, and it does not work. Being that the computer on the LAN have its MAC listed in the DHCP Pool or not, it will still be allowed access to WAN when I manually assign it an IP that is in the non-restricted IP Range.
This is my device and its status while testing this again just now:
Device Name:Gargoyle
Gargoyle Version:1.5.10
Model:TP-Link TL-WR1043N/ND v1
Device Configuration:Gateway
Memory Usage:18.1MB / 28.5MB (63.4%)
Connections:47/4096
CPU Load Averages:0.33 / 0.12 / 0.14 (1/5/15 minutes)
Kind Regards,
Cachorro.
I have tried this, and it does not work. Being that the computer on the LAN have its MAC listed in the DHCP Pool or not, it will still be allowed access to WAN when I manually assign it an IP that is in the non-restricted IP Range.
This is my device and its status while testing this again just now:
Device Name:Gargoyle
Gargoyle Version:1.5.10
Model:TP-Link TL-WR1043N/ND v1
Device Configuration:Gateway
Memory Usage:18.1MB / 28.5MB (63.4%)
Connections:47/4096
CPU Load Averages:0.33 / 0.12 / 0.14 (1/5/15 minutes)
Kind Regards,
Cachorro.
Re: Loophole of quota function
One alternative solution for you would be to set a quota for "all hosts without explicit quota" to zero and you set the speed limit you want to impose on that.
Anyone who connect to your LAN without an assigned quota will automatically fall into this group. You could simply set it to "Shut down all internet access" or throttle it to a very slow speed.
This is what I do here
Anyone who connect to your LAN without an assigned quota will automatically fall into this group. You could simply set it to "Shut down all internet access" or throttle it to a very slow speed.
This is what I do here
Eric Wong
PM me if you need to buy Gargoyle router in Australia/NZ, willing to pay me to help you on your Gargoyle configurations or build custom configured ROM with pre-installed app or try to fix your bricked router. Yes, I am looking for job/work.
PM me if you need to buy Gargoyle router in Australia/NZ, willing to pay me to help you on your Gargoyle configurations or build custom configured ROM with pre-installed app or try to fix your bricked router. Yes, I am looking for job/work.
Re: Loophole of quota function
Hi Eric,
Yes, that would work. And has worked unless someone witty and willingly comes along to 'steal' someone else's Quota by setting their IP to a known IP that is allowed and has still quota available.
Mainly, what I have discovered is resolved by the DHCP tick of "Block MAC addresses assigned a static IP that connect from a different IP", which does not seem to want to work for me.
Say, as I have tested:
I have two computers with their MACs in the DHCP pool assigning them with an IP, say 1 and 2.
If I change the IP on computer #2, to the IP of #1, the router still happily allows traffic thru the gateway and it consumes #1's Quota.
Is this a known issue?
I am happy to send you any of my router's config and logs if you would like to have a look at them (on PM).
Thanks,
Cachorro./
Yes, that would work. And has worked unless someone witty and willingly comes along to 'steal' someone else's Quota by setting their IP to a known IP that is allowed and has still quota available.
Mainly, what I have discovered is resolved by the DHCP tick of "Block MAC addresses assigned a static IP that connect from a different IP", which does not seem to want to work for me.
Say, as I have tested:
I have two computers with their MACs in the DHCP pool assigning them with an IP, say 1 and 2.
If I change the IP on computer #2, to the IP of #1, the router still happily allows traffic thru the gateway and it consumes #1's Quota.
Is this a known issue?
I am happy to send you any of my router's config and logs if you would like to have a look at them (on PM).
Thanks,
Cachorro./
Re: Loophole of quota function
Hi,
Has anyone been able to resolve this?
Thanks.
Has anyone been able to resolve this?
Thanks.
- Attachments
-
- gargoyle_-Block_MAC_addresses_assigned_a_static-.png (16.42 KiB) Viewed 12781 times