Block and kill illegal IP addresses in a Linux system
Concept
Having decided to use ARP binding, we next have to consider how ARP itself works. ARP (Address Resolution Protocol) is the protocol by which hosts and network devices learn the MAC address that corresponds to an IP address. If every illegal IP address is bound to an incorrect MAC address, a host using one of those addresses cannot reach the Internet through this server. ARP binding therefore requires that every possible IP address be bound to a MAC address; this keeps unauthorized users out, unless they also change their MAC address.
After some thought I settled on the following approach. First, use a Linux shell loop to generate a table that maps every address from 10.0.0.1 to 10.0.3.254 to an invalid MAC address; call this the global table. Next, build a table of valid users' IP and MAC addresses from the DHCP server data. Then, for each IP address in the valid table, find the matching entry in the global table and replace its invalid MAC address with the valid user's MAC address. The result is a global table in which valid users are mapped to their correct MAC addresses and everyone else to invalid ones. Once this table is written to the system ARP cache, an illegal user cannot use the gateway simply by stealing an IP address.
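The procedure above, as an added example in POSIX shell (not the article's own init script): the address range comes from the article, while the placeholder "invalid" MAC, the file names and the sample DHCP entries are assumptions.

```shell
#!/bin/sh
# Added example implementing the article's procedure; not the article's "init" script.
# Assumptions: the placeholder "invalid" MAC, the file names and the sample
# DHCP data below; the address range 10.0.0.1-10.0.3.254 is the article's.

INVALID_MAC="00:00:00:00:00:00"   # assumed placeholder that no real NIC uses

# gen_global_table: one "IP MAC" line per host in 10.0.0.x .. 10.0.3.x (x = 1..254),
# every line bound to the invalid MAC. This is the article's global table.
gen_global_table() {
    third=0
    while [ "$third" -le 3 ]; do
        fourth=1
        while [ "$fourth" -le 254 ]; do
            printf '10.0.%d.%d %s\n' "$third" "$fourth" "$INVALID_MAC"
            fourth=$((fourth + 1))
        done
        third=$((third + 1))
    done
}

# merge_tables GLOBAL VALID: for each IP present in the valid table (DHCP data,
# "IP MAC" lines), replace the invalid MAC in the global table with the real one.
# awk reads the valid table first (NR == FNR) and then rewrites the global table.
merge_tables() {
    awk 'NR == FNR { good[$1] = $2; next }
         ($1 in good) { $2 = good[$1] }
         { print $1, $2 }' "$2" "$1"
}

# Demonstration with constructed sample DHCP leases (assumed data, not real hosts).
TMP=$(mktemp -d)
gen_global_table > "$TMP/global.txt"
cat > "$TMP/valid.txt" <<'EOF'
10.0.0.5 00:11:22:33:44:55
10.0.2.17 66:77:88:99:aa:bb
EOF
merge_tables "$TMP/global.txt" "$TMP/valid.txt" > "$TMP/merged.txt"
# merged.txt now holds 1016 "IP MAC" lines; only the two valid IPs carry real MACs.
```

The merged file is in the two-column form that `arp -f` reads, so `arp -f merged.txt` (as root) writes it into the ARP cache; a stolen IP then resolves to the placeholder MAC and the gateway's replies never reach the thief's interface.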
Implementation
First, generate the initial global table. It contains every IP address in the range, each mapped to an invalid MAC address, in a format that the arp command accepts. The script that initializes the global table is called init; its content is as follows: