How to bind ip address with MAC

[wazim4_u]

Salam...!
i have dsl 256k i have lan users using internet. I want to bind thier ips with thier LAN cards so they cannot cheat. i also want to block all host by ip or mac and then allow one by one. I have tried to block host with this command

iptables -I OUTPUT -d 192.168.0.0/24 -j REJECT

and then allow them one by one

iptables -I OUTPUT -d 192.168.0.2 -j ACCEPT

But it only stops browsing and users can still connect to msn and yahoo. Is there any way i can block totally access from client and then allow one by one ?

Allah hafiz

[LinuxFreaK]

Dear wazim4_u,
Salam,

FYI, http://www.linuxpakistan.net/forum2x/vi ... php?t=2182

Best Regards.

[wazim4_u]

Dear LinuxFreaK

I told you i have tried the script it worked without any error the block mac still can connect to msn, yahoo kazaa etc. but cannot browse net , ssh ( putty ) or ping . I want to completly deny the access from baned ip or mac , Please care to my matter.

allah hafiz

[LinuxFreaK]

Dear wazim4_u,
Salam,

I told you i have tried the script it worked without any error the block mac still can connect to msn, yahoo kazaa etc. but cannot browse net , ssh ( putty ) or ping . I want to completly deny the access from baned ip or mac , Please care to my matter.

Brother, Use this rule and check that are you able to connect to the MSN using your client !!

# iptables -I INPUT -p all -j DROP

OR to Block MSN,Yahoo this link will block MSN Yahoo Globally !!

https://lists.netfilter.org/pipermail/n ... 45102.html

Best Regards.

[wazim4_u]

Dear Bro LinuxFreak
Salam...!

I have tried the given command for blocking everything but it still allow to connect msn and yahoo. They took little bit more time than normal but finally connect. the command was

iptables -I INPUT -p all -j DROP

Tell me what to do its now a headache for me.

allah hafiz