Community discussions

MikroTik App
  4. RouterOS
  5. General

block ip address out from router

Post Reply
 
ketut
just joined
Topic Author
Posts: 23
Joined: Fri Jan 27, 2006 2:15 pm

block ip address out from router

Sat Feb 25, 2006 9:05 am

hello
i want ask a question, i have 10 PC,the Ip from 192.168.1.2 - 192.168.1.9, ip router 192.168.1.1 netmask 255.255.255.0
the question: how to block ip 192.168.1.10 - 192.168.1.254 it cannot conenct to internet and all protocol, i use mikrotik 2.9.2, so everyone cannot change the ip
i use simple queue for 192.168.1.2 - 192.168.1.9, this ip have bandwidth limiting

thank you very much, i am sorry for the english
Top
 
Alex
Member Candidate
Member Candidate
Posts: 214
Joined: Thu Sep 30, 2004 11:07 am

Sat Feb 25, 2006 11:01 am

firewall,arp table.for example: set arp to reply only on interface with address 192.168.1.1.add static entries from 192.168.1.2-192.168.1.9 to arp table.all others addresses will not work.sorry for my english :?
Top
 
User avatar
macgaiver
Forum Guru
Forum Guru
Posts: 1764
Joined: Wed May 18, 2005 5:57 pm
Location: Sol III, Sol system, Sector 001, Alpha Quadrant

Mon Feb 27, 2006 8:52 am

You can simple masquerade only packets from those 10 IPs :)

But I suggest Alex solution use ARP static entries and interface mode to read-only
Top
 
ketut
just joined
Topic Author
Posts: 23
Joined: Fri Jan 27, 2006 2:15 pm

Tue Feb 28, 2006 9:36 am

thank you very much for the answer, the answer correct, and i use your suggestion, thank you

now i have one question again
my network 192.168.9.0/24, i subnet /29
my router 192.168.9.1 netmask 255.255.255.248

client 1 get ip: 192.168.9.8/29 (192.168.9.9 - 192.168.9.15)
client 2 get ip: 192.168.9.16/29 (192.168.9.17-192.168.9.23)

client 1 have bandwidth 32kbps
client 2 have bandwidth 64kbps

my question, i want each client not use all ip (exp: client 1 can use 192.168.9.9 but 192.168.9.10-192.168.9.15 cannot use)
client 2 same like that

i use that because i am afraid client 2 can use ip from client 1, so i use that rule

can mikrotik 2.9.2 use that??? if can my i get the rule or links for my problem....so i can learn that

thank you very much for the suggestion and rule, i am sorry for my english
Top
 
User avatar
macgaiver
Forum Guru
Forum Guru
Posts: 1764
Joined: Wed May 18, 2005 5:57 pm
Location: Sol III, Sol system, Sector 001, Alpha Quadrant

Tue Feb 28, 2006 10:25 am

If you made correct IP ARP table it is impossible for clints to jump from 1 Ip to another - so there are no problems

Why you use subnetting, use one subnet /28 and create 1 simple queue for each client!
Top
 
User avatar
mag
Member
Member
Posts: 376
Joined: Thu Jul 01, 2004 12:32 pm
Location: Cologne, NRW, Germany
Contact:
Contact mag

Tue Feb 28, 2006 11:50 am

just an idea: would it not be better to use DHCP with static MAC-entries, for doing the management completely on the router.
Top
 
ketut
just joined
Topic Author
Posts: 23
Joined: Fri Jan 27, 2006 2:15 pm

Tue Feb 28, 2006 2:22 pm

thanks for the suggestion
could you give me soe firewall rule??? i am very thank you if i can get one sample, or do you have links for my problem?


thanks my friend
Top
Post Reply

Who is online

Users browsing this forum: Google [Bot] and 202 guests
  4. RouterOS
  5. General