answer:Can’t really answer this question without more information about your network, but basically you need to set netfilter to drop all packets going to / coming from the unauthorized host on the gateway machine. For example, my little firewall box sits between my wireless router and my wired network. It can (and does) block hosts that attach to my wireless net from sending packets to the wired network, but it can’t do anything to interdict the wireless net (because the wireless is “upstream” of it). The netfilter userspace interface is called iptables. iptables is very complicated and can be a pain to use. There’s a more streamlined program you can use to do basic firewall configuration called ufw, and a GUI for ufw called gufw. iptables is built in, you don’t need to install it. ufw and gufw should be available from BackTrack’s repository. Note that gufw does not offer the option to block by MAC addresses. Or you could just ping-flood them, I guess…