Re: [netatalk-admins] how do you restrict netatalk by ip address?

Subject: Re: [netatalk-admins] how do you restrict netatalk by ip address?
From: Michael Egan (dugan@libwais.sonoma.edu)
Date: Wed Jul 29 1998 - 16:06:35 EDT

• Next message: Tony Stuckey: "Re: [netatalk-admins] how do you restrict netatalk by ip address?"
• Previous message: Brad G. Parks: "[netatalk-admins] Put a server in a non-default zone?"
• Next in thread: Tony Stuckey: "Re: [netatalk-admins] how do you restrict netatalk by ip address?"
• Maybe reply: Michael Egan: "Re: [netatalk-admins] how do you restrict netatalk by ip address?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 29 Jul 1998, Wes Brown wrote:
> > It would take either writing a new utility or re-writing arp, but if you
> > could grab the given computer's hardware ethernet address (which *MUST* be
> > transmitted with *EVERY* packet), and then compare that to a list
> > generated by arp (esp. after pinging the broadcast address), then you
> > might be able to discover the correct IP address.
>
> Two problems with that. Your arp table size must be the size of your local
> address space.
>
> Secondly, this would be VERY BAD if you have a network with 256x256
> machines like some locations I know of.

Somehow a (256x256) 65K node LAN without subnetting, and routing seems a
bit silly to me. The network congestion would probably be unbearable.
Even with switches and partitioning/segmentation without subnetting,
without a router to better segment your network, and keep total traffic
down to a useable level, I would suspect serious problems would emerge.

In Linux with a kernel that has /proc file system enabled in the kernel:
cat /proc/net/arp

That should show you the MAC addresses associated with IP addresses on
your LAN. If you know the MAC address of the Mac, then you may be able to
find it here, or the IP address of the Mac can give you the MAC address of
the Mac. (Please note that this only lists *recent* IP/MAC address pairs
from connections that have taken place. If the AppleShare is over IP, I
suspect that it should appear here just as all other LAN connection on
the subnet appear in this list. IP addresses *not* on my subnet do not
appear here, but my gateway is listed.

I found it useful to make a webpage that takes the IP address of the
connecting session, and takes the entry from /proc/net/arp to show me the
MAC address and IP addrss of a machine that connect from (assuming it is
on the same subnet) and return it in an HTML page. So, it is simple, but
I find it useful.

-M

--------------------------------------------------------------------------
Systems Department Operating Systems Analyst for the Ruben Salazar Library
              of California State University at Sonoma.
  /UNIX(/BSD/SysV)\N_NW[.]VMS\WNTS\WNTW\W95\W311\WFWG\DOS:MacOS/NeXTSTEP
--------------------------------------------------------------------------

• Next message: Tony Stuckey: "Re: [netatalk-admins] how do you restrict netatalk by ip address?"
• Previous message: Brad G. Parks: "[netatalk-admins] Put a server in a non-default zone?"
• Next in thread: Tony Stuckey: "Re: [netatalk-admins] how do you restrict netatalk by ip address?"
• Maybe reply: Michael Egan: "Re: [netatalk-admins] how do you restrict netatalk by ip address?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b28 : Sat Dec 18 1999 - 16:33:00 EST