Welcome, Guest. Please login or register.
Did you miss your activation email?
Saturday 30 November 2024, 04:14:27 pm

Login with username, password and session length

CLICK HERE for the The official Endian Roadmap and Issue tracker
14261 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  Restrict blue access
0 Members and 2 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Restrict blue access  (Read 14968 times)
dgcarter
Jr. Member
*
Offline Offline

Posts: 9


« on: Sunday 08 March 2009, 08:19:57 am »

I'm looking for a method to restrict access to my blue (wireless) network with a MAC fliter type arrangement, similar to IPCop where one has to specify which MAC addys can access the network.

I attempted to do this under the System Access config under Firewall, but it won't accept MAC addys as a source, even though it says just above the input box it can. Any suggestions?

P.S. I know I can configure this on my Wireless AP, but thats not what I'm looking for.

Thanks in advance.
Logged
dgcarter
Jr. Member
*
Offline Offline

Posts: 9


« Reply #1 on: Tuesday 17 March 2009, 06:22:43 am »

Support? Anyone?
Logged
mrkroket
Hero Member
*****
Offline Offline

Posts: 495


« Reply #2 on: Friday 20 March 2009, 02:05:47 am »

You can filter Blue->Red, Blue->Green, Blue->Orange traffic by MAC.

System access rules as far as I know are referred to rules that allow client to access the firewall, just for admin the firewall.
You need to block also that?



Logged
dgcarter
Jr. Member
*
Offline Offline

Posts: 9


« Reply #3 on: Friday 27 March 2009, 05:26:56 am »

You can filter Blue->Red, Blue->Green, Blue->Orange traffic by MAC.

System access rules as far as I know are referred to rules that allow client to access the firewall, just for admin the firewall.
You need to block also that?





But how? I've tried in the outgoing firewall. I created a rule denying Blue -> Red, then above that a rule allowing only specific mac addys. But even if I leave only the deny all blue rule enabled, I still can access the net on blue.  Huh
Logged
mrkroket
Hero Member
*****
Offline Offline

Posts: 495


« Reply #4 on: Tuesday 31 March 2009, 07:41:02 am »

If you enable the HTTP Proxy some rules on Outgoing Firewall are bypassed by the proxy.
Check the Outgoing Firewall Rules with HTTP proxy disabled. Log the rules and see what happens on firewall rules.
I know, for me that Proxy bypass doesnt make sense at all. But it happens the same on ipcop. The logical way for me is User-->Outgoing Firewall-->HTTP Proxy.


In fact to allow a full integration of DHCP fixed leases+Outgoing FW+Proxy HTTP you must change a lot of scripts on EFW.
I did it and it manage to works as I need: I register a MAC in DHCP fixed, assign to a custom firewall rule group, and voila, only registered MAC's will have access to Inet, and only to selected services by rule groups. Unregistered ppl cant use internet except for whitelisted domains (webmail, microsoft updates, antivir update site, etc.). Those mods can have undesired effects, but for now it works more or less as intended (problems with whitelisted HTTPS sites for unregistered ppl).

 
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.095 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com