My biggest gripe has been with their lack of supporting MAC address cloning. As many of you that have cable networks know, cable companies often use poor man's security by adding MAC address restrictions to their DHCP servers. In order to get an IP address that is routable to the the Internet, you need to have the MAC address with which you originally registered with the cable company. Many of us are ditching our Linksys boxes in order to use a better featured and more powerful firewalling solution and therefore our only option is to either clone our MAC or attempt to suffer through the tech support hotline music only to get a rep that has no idea what a MAC address is. Don't you hate it when you the customer have to tell the company's representative how to do their job?
Well, according to many of the blogs and posts out there, thats your only option with IPCop. I am here to say "Not any more." We just need to change the MAC address on the public interface BEFORE IPCop attempts to make a DHCP request. I figured out a real clean way to do this before after spending a few hours in the code base but have long since forgotten where I documented what I did. This time I had less time and had to find a faster way even if it was less elegant.
First log into the box (either on the console or through SSH) and login as root (you remember your root password right)? Edit the following file (vi and nano are installed by default):
nano /etc/rc.d/rc.red
This is merely a perlscript file that will get executed as the last part of the rc.netaddress.up process. Scroll past the first few lines. You will see a boilerplate header, some includes, some variable definitions, and finally, look for the section that says:
# read vars back from file
In my version (1.4.13), there are 4 lines after that line. Add a carriage return to get a new line and add the following line after all those &General:readhash lines:
system ('/sbin/ifconfig', 'eth2', 'down', 'hw', 'ether', '00:12:ef:34:2a:ee');
Replace eth2 with the name of your WAN (RED) interface and, of course, use the MAC address which you want the IPCop box to clone. Save the file, reboot, and enjoy your night free of long monotonous elevator music.
1 comment:
Thanks so much for this info. I just did this on IPCop 2.0 and it's working like a charm.
Post a Comment