Loophole of quota function

[sajjadhalai]

u can block any mac and any IP, for which u dont want to access ur internet..

go to restriction add rule for and use "blockAllExcept", the list of MAC u want.

and similar function is in bottom "allow list" and use "allow only" for allow list..

u can use as vice versa.
u should use both simaltaneouly to make ur rule perfect..

[Cachorro]

To sajjadhalai

Thanks for you post, but I don't believe you understand the issue here.
Please re-read my post for Mon Aug 12, 2013 11:27 pm , that example should explain concept of the problem.

[yc3948]

Hi Eric,
Yes, that would work. And has worked unless someone witty and willingly comes along to 'steal' someone else's Quota by setting their IP to a known IP that is allowed and has still quota available.

Mainly, what I have discovered is resolved by the DHCP tick of "Block MAC addresses assigned a static IP that connect from a different IP", which does not seem to want to work for me.

Say, as I have tested:
I have two computers with their MACs in the DHCP pool assigning them with an IP, say 1 and 2.
If I change the IP on computer #2, to the IP of #1, the router still happily allows traffic thru the gateway and it consumes #1's Quota.
Is this a known issue?
I am happy to send you any of my router's config and logs if you would like to have a look at them (on PM).

Thanks,
Cachorro./

this is why I post here

[Cachorro]

To Eric.
What do you mean?

[Cachorro]

Sorry, I didn't mean Eric. I meant YC3948.

[Cachorro]

Hi,
Has anyone been able to resolve this?
Thanks.

++++++++++
[quote="Postby Cachorro » Mon Aug 12, 2013 11:27 pm

Hi Eric,
Yes, that would work. And has worked unless someone witty and willingly comes along to 'steal' someone else's Quota by setting their IP to a known IP that is allowed and has still quota available.

Mainly, what I have discovered is resolved by the DHCP tick of "Block MAC addresses assigned a static IP that connect from a different IP", which does not seem to want to work for me.

Say, as I have tested:
I have two computers with their MACs in the DHCP pool assigning them with an IP, say 1 and 2.
If I change the IP on computer #2, to the IP of #1, the router still happily allows traffic thru the gateway and it consumes #1's Quota.
Is this a known issue?
I am happy to send you any of my router's config and logs if you would like to have a look at them (on PM).

Thanks,
Cachorro./[/quote]
++++++++++++++

Anyone been able to resolve this?
If I want to do it via command line, which file/files would I need to look at editing to achieve it?
And what command/syntax would I be looking at using?

Thanks.

[ee6]

If you don't need the switch, you can disable it:
http://wiki.openwrt.org/doc/uci/network/switch

You can also only allow certain MAC addresses by configuring the firewall
http://wiki.openwrt.org/doc/uci/firewall

Both of the above will have to be done via SSH.

HTH

[Cachorro]

In reply to ee6

Thank you ee6, I would have to do my reading on this then.
Just to make sure, this will allow me to block any IP address that is in my DHCP pool, and in my current allowed WAN-LAN firewall, to be blocked if trying to access Internet using a different IP than the one assigned by the DHCP service?

Thank you.

[sajjadhalai]

Bloack static Ip wich use different IP
this option works in all routers but this wont work in those routers which have less memory and low Flash ROM..
i,e 2-4 flash rom and 16-32 Ram---that type of rtrs might have not work those options.. else post ur dhcp list full and explain in that and post snapshot for quoatas page also..