1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Forwarding to external site if not part of MAC addresses listed

Discussion in 'Networking Issues' started by droidd, Sep 5, 2006.

  1. droidd

    droidd Guest

    Here is what I would like to do.

    I live in a fairly large apartment complex and there are lots of open wireless networks that I could connect to. Mine is NOT one of them.

    What I would like to do is allow anyone to access, but if they are not specifically designated MAC address I have already in my MAC address filter, automatically forward them to a specific IP address that is not within my own internal network.

    So in other words. Someone in Apartment 1 sees that my connection is wide open. I don't have their MAC address listed within the router. It allows them to connect and gives them an IP address, but when they try to go to a website it only will allow them to go to something like Yahoo.com (or what ever I force them to go to.)

    I am not attempting to sell access, I just want to redirect some traffic to a friends website.

    Is what I am trying to do possible WRT54G? I also have a BEFW11S4 sitting around. Can I use this in conjunction with the WRT54G to do this?
    Could 3rd party firmware aid in this?

    The one problem I can see is that if I allow outsiders to obtain an IP I then run a risk of those folks seeing all my internal computers, some of which have shares. This of course, I do not want to do.

    Thanks in advance for ideas.
     
  2. Guyfromhe

    Guyfromhe Network Guru Member

    You will be opening a big can of worms trying this, unless your an expert and know exactly what you're doing i'd keep as far away from this as possible.

    You would need to start by turning off all encryption on your router to allow others wandering by to use it, this is bad first off.

    You could use some carefully crafted firewall rules to redirect all port 80 traffic to a specific host, however that would require your friends site have an IP dedicate to his site only (which most hosting companys won't do for you nowadays) and he would need special configuration on his web server to accept requests for any address from his site.

    And you could use a static IP range for your LAN and a different DHCP range that would keep people away from your LAN, but people wouldn't have much trouble getting in unless you went and setup a barrier between your wireless and wired LANs and then you'd need to setup some kind of VPN...
    Beucase it's not hard to find out what IPs your using or to clone a MAC address.

    If you really really want to do this, i'd suggest buying another router and putting it on a 2nd IP on your cable modem so it's completely seperate from your normal LAN. THen you can force all traffic to your friends website on that router and keep your normal one secure.

    If you really really know what your doing, it's possible with a WRT54G with 3rd party firmware, but like I said it would be horribly complex to set this up securely.
     

Share This Page