MAC-Address Filtering in OSX
Category: Computers > Security
Asked by: lithiump4-ga
List Price: $10.00
30 Oct 2006 22:51 PST
Expires: 29 Nov 2006 22:51 PST
Question ID: 778703
I am using Internet Sharing in OSX 10.4.8 to share my cable modem to other Windows-based PC's wirelessly. How can I prevent specified MAC Addresses from connecting to my wireless network? THE DETAILS: This seems to be what I'm looking for, but nothing I do in NetInfo Manager seems to work: (http://developer.apple.com/documentation/Darwin/Reference/ManPages/man8/bootpd.8.html) Here is a quote from a forum that is related to this subject: "I don't know if you've solved your problem already, but I think I found a solution. IPFW won't do MAC address filtering, but bootpd, the program that serves DHCP and doles out the IP addresses will. As detailed in the bootpd man pages (http://developer.apple.com/documentation/Darwin/Reference/ManPages/man8/bootpd.8.html), you can insert allow and deny statements in the DHCP directory in NetInfo Manager. A statement with the property allow and the value the MAC address of your wireless card should lock all other computers out of your network. I can't seem to remember exactly where, but the man pages say that the MAC address should be formatted in the usual style, but with the most significant zeros eliminated, where 00 is 0 and 04 is 4." Thank you very much for helping me out with this extremely aggravating problem.
Re: MAC-Address Filtering in OSX
Answered By: aht-ga on 05 Nov 2006 00:50 PST
lithiump4-ga: I'm glad that restarting did the trick, and I hope I'm not being presumptious in thinking that I'm able to post a summary of our conversation above as the Answer in order to close the Question. The ability to filter MAC addresses when sharing an Internet connection through the built-in gateway capabilities of OS X, resides within the the bootpd process. This is the process that provides DHCP services as part of the gateway functions, so it is the logical place for the filtering to take place; essentially, if the system doesn't approve of the MAC address, it won't issue it an IP address and allow it to connect to the network. Configuring bootpd, is accomplished through the Netinfo Manager tool. This tool allows you to create and alter configuration values for many of the processes that make up OS X. When processes first start up, they refer to the configuration values to know what they are supposed to do. In this case, bootpd needs to be told to only allow certain clients with specific MAC addresses to receive DHCP-assigned IP addresses and other networking parameters. The posting at: http://www.macosxhints.com/article.php?story=20041005183041743 tells us what values need to be created/edited in Netinfo Manager in order to accomplish this. The posting also tells us how the values must be formatted; specifically, that we need to omit any leading zeros in the hexadecimal numbers that make up a MAC address. Once the values have been created/edited and saved, it is necessary to shut down the bootpd process, and any other processes dependent on bootpd, then to restart bootpd so that it uses the new values. The easiest way to do this, is to simply reboot the computer. I'm glad that this approach worked for you, and wish you pleasant surfing and 'torrenting in the future! Regards, aht-ga Google Answers Researcher
rated this answer:
and gave an additional tip of:
Thanks a lot! Did a great job and provided a lot of information to help with the problem at hand.
|There are no comments at this time.|
If you feel that you have found inappropriate content, please let us know by emailing us at email@example.com with the question ID listed above. Thank you.
|Search Google Answers for|