block some PC on the network

Ok. my next Q is whay would you want to run cable between houses? That length of cable can cause slowness and loss of packets.

Anyways.. I can't find any online manuals for your router/modem. But there should be an IP filter/firewall..
All you need to do is assign Ip address per mac address for each computer. then in the Filter/firewall of the router you can deny port 80 with is internet.
 
BuzzStPoint,

Would the_one need to turn off DHCP in order to implement ip filtering?

the_one,

Make sure you configure each pc with a static ip address (manually input) within the range you specify.
 
Cross..

Nope.. The IP filtering would be in the Firewall settings area.. But of course you can though. but that you have to specify an IP address in the tcp/ip settings of each computer.
 
well ... I guess Im a little confused on the point of assigning mac address per ip address. If your router issues DHCP and even limit the ip address range to 5 users, don't you run the risk of dhcp assigning ip address of pc #1 to pc# 2 the next time it requests an address at the end of the leasing period? Or does ip filtering "pool" the 5 ip addresses in the range for the "pool" of mac address and not care which goes to which machine at any given time?
 
Cross..

Your on the right track.. by limiting your ip range..
If your router is capable of "Static DHCP" then you will be able to bind the mac address of that network card to that IP address..

Heres how you would allow the 7 computers on the network and only 5 get internet.
Ip range set 192.168.0.100 - 192.168.0.106

Computer 1
00-00-86-5D-D5-56 - 192.168.0.100
computer 2
00-00-86-5D-D5-57 - 192.168.0.101
Computer 3
00-00-86-5D-D5-58 - 192.168.0.102
Computer 4
00-00-86-5D-D5-59 - 192.168.0.103
Computer 5
00-00-86-5D-D5-60 - 192.168.0.104
Computer 6
00-00-86-5D-D5-61 - 192.168.0.105
Cpmputer 7
00-00-86-5D-D5-62 - 192.168.0.106

Now that you assigned each mac address an IP, at the end of the lease period it will reassign the same IP to that Mac.

When Computer 2 turns off and computer 6 turn on .. The router wont issue #2's IP because the mac address is different.

Now you would enter your Firewall setting in the router.
Create 4 rules
IP 192.168.0.105 "Deny" port 80
IP 192.168.0.105 "Deny" port 443
IP 192.268.0.106 "Deny" port 80
IP 192.168.0.106 "Deny" port 443

Computer 5 & 6 are now both on the network able to share files, but on get on the internet.
 
Think Im going have to take a better look at this idea. Can this concept work then to "deny" the remaining ip's in the class c range 192.168.x.x access to the network and internet ... essentially blocking potential intruders? Or is this still hackable? I realize I can limit how many static addresses the router can issue / work with, but ... any additional ways to block out thieves is always a plus. :)
 
hacking from where? within your own network of from the outside?

From the outside you close your ports you dont need.
As for banning from a partial IP.. yes.. some routers have you set it differently...

Like: 192.168.000.000 or 192.168.*.*

If your worried about people on the network hacking to get into the router and changing the ports so they can get around, then you may have an issue.. For this I would recommend:
Expensive way.
Buy yourself a Gateway. (stronger then a router)
Buy yourself a switch.

connect the switch to the router, The switch will issue automatic IPs itself. You now only have to worry about 1 ip in the router from the switch.
You then would only have the computers on the network connecting to the swtich, all other internet users would connect to the router.

Edit..
but your worried about the router issueing more ip?
if you tell your router to only issue 192.168.0.100 thru 192.168.0.106 then thats all the router will assign.. no one will be able to have 192.168.0.107
 
Back
Top Bottom