 From:  Memli Robaj <memlir at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Port Blocking and DHCP Control?
 Date:  Sat, 4 Feb 2006 11:49:51 -0800
Sorry for asking again, but I just thought I could clear your mind if I just
ask again but in a better way.

I got a link from my ISP, with a simple router, I think it's Linux based,
maybe MikroTik inside.
Every day from 20:00 till 22:00, a host (black connected through any other
customer) uploads packets with a speed of 2-3 Mbit; the speed allowed from
my ISP is maximum 256 up and 256 down kbps. I have no idea where this host
gets this speed, it's not blocked, it bypasses the ISP router and then my
network doesn't have any connection with the internet then, not even a ping
to the ISP works...

My ISP gave me a private network with PAT, I don't have access on the router;
let's just say 10.10.10.0/24 is the network from my ISP (manual, static).

10.10.10.254/24 is the ISP router, I connected it with the m0n0 router
directly, so my ISP sees just one host (10.10.10.253/24, so the WAN
interface).

On the LAN interface, I created a network with 192.168.100.0/24; the LAN
interface (10.10.10.254/24) is connected with a switch, where all other
hosts connect to.

OK, so good so far, I used DHCP for addressing, with MAC filtering (or
however it's called), so I have to add the MAC first, before a host can lease
an IP; now I'm planning even to reserve each MAC an IP.

Now on to the great thing, 2 problems. Hosts added on the DHCP server with the
MAC address can configure the host manually without activating DHCP, and
they get internet; how do I avoid this? I don't want ANY host to access the
internet without getting in touch with the DHCP server. And yes, the second
one: the host that blocks my network with that massive upload strikes
again, and I can't block him, he's not registered in the MAC table in the
DHCP server, and he still gets out. I'm speechless, I just don't understand
it.

PS: back to the port blocking, screenshots of how to block ports on both
interfaces would be really good.