OK, I'll try to explain it better (sorry, but my English is poor :(( )

Hi,

I want to build a network that allows HTTP navigation to any host that is
plugged into it, without any change to its configuration. This can be useful,
for example, in a hotel, where they want to provide web navigation to their
customers without the need to change any configuration, just plug & web.


>>Me neither, what are you aiming at, security tied down to the
>>mac address?

I'm not thinking about security, just about providing connection.

For example, my network is 1.2.3.0 and I want a host with an IP from any
unknown network (i.e. 10.9.8.7) to be able to navigate.

First of all, the host will send ARP requests to find the MAC of its DNS
server. Nobody will send a response because it's looking for a host in another
network, but I'll have to redirect it to my DNS in order to allow navigation.
Then it will look for its default gateway, etc. (I can't work with mobile IP,
BOOTP, DHCP, RARP, nor change any host configuration).

Not every host is allowed to do this, only hosts with known MACs (only
customers in my hotel).


Has anybody implemented a solution for a similar challenge? Any idea?

Thank you in advance.




>>Otherwise, I don't see how it is useful since for the MAC address to have
>>any meaning, it's gotta be a neighbor w.r.t. OSI layer 1
>>(I think it's layer 1 anyhoo).

Their MAC address is the only information I have, I prefer to work with IP :(


>>In any case, there is in fact a mac iptables target:

>>  mac
>>       --mac-source [!] address
>>              Match source MAC address.  It must be of the form
>>              XX:XX:XX:XX:XX:XX.  Note that this only makes sense for packets entering
>>              the PREROUTING, FORWARD or INPUT chains for packets coming from an
>>              ethernet device.

>>Which can be the predicate for some applicable rule.

But the problem is: how can I forward and mangle an ARP request??
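
The "only hosts with known MACs" requirement, expressed with the quoted mac match, as an added example that is not part of the original post: it turns an allowlist into FORWARD rules for HTTP and skips malformed entries. The chain name GUEST_HTTP, the interface eth1 and the sample addresses are assumptions; it covers IP-layer admission only and does not address the ARP question.

```shell
#!/bin/sh
# Added example: build iptables rules from a MAC allowlist (nothing is applied).
# Assumptions: chain GUEST_HTTP, guest-facing interface eth1, constructed MACs.
GUEST_IF=${GUEST_IF:-eth1}

# Return 0 only for the XX:XX:XX:XX:XX:XX form that --mac-source requires.
valid_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# Read one MAC per line on stdin ('#' comments and blank lines are ignored)
# and print the rules on stdout. Malformed entries are reported on stderr and
# skipped, so a typo in the list never becomes a rule.
gen_rules() {
    echo "iptables -N GUEST_HTTP"
    while IFS= read -r line; do
        mac=$(printf '%s' "$line" | sed 's/#.*//' | tr -d ' \t\r')
        [ -z "$mac" ] && continue
        if ! valid_mac "$mac"; then
            echo "skipping malformed entry: $mac" >&2
            continue
        fi
        mac=$(printf '%s' "$mac" | tr 'a-f' 'A-F')
        echo "iptables -A GUEST_HTTP -m mac --mac-source $mac -p tcp --dport 80 -j ACCEPT"
    done
    # Anything from the guest segment that no allowlisted MAC matched is dropped.
    echo "iptables -A GUEST_HTTP -j DROP"
    # Only packets arriving from the guest segment are checked, so replies
    # coming back from the outside are not compared against guest MACs.
    echo "iptables -A FORWARD -i $GUEST_IF -j GUEST_HTTP"
}

# Constructed sample allowlist: two valid entries, two that must be rejected.
SAMPLE_ALLOWLIST='00:11:22:33:44:55   # room 101 (constructed)
aa:bb:cc:dd:ee:ff
00:11:22:33:44      # too short
zz:11:22:33:44:55   # not hexadecimal'

demo() { printf '%s\n' "$SAMPLE_ALLOWLIST" | gen_rules; }
```

A client can set its own source MAC, so these rules decide who gets forwarded by convenience rather than authenticating anyone.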

