From owner-freebsd-stable@FreeBSD.ORG  Mon Feb 14 20:52:59 2005
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id E265616A4CE
	for <freebsd-stable@FreeBSD.ORG>;
	Mon, 14 Feb 2005 20:52:59 +0000 (GMT)
Received: from osiris.itlegion.ru (osiris.itlegion.ru [84.21.226.210])
	by mx1.FreeBSD.org (Postfix) with ESMTP id AB07543D46
	for <freebsd-stable@FreeBSD.ORG>;
	Mon, 14 Feb 2005 20:52:58 +0000 (GMT)
	(envelope-from matrix@itlegion.ru)
Received: from artem ([192.168.0.12])
	by osiris.itlegion.ru (8.13.1/8.13.1) with SMTP id j1EKqhTp074743
	for <freebsd-stable@FreeBSD.ORG>;
	Mon, 14 Feb 2005 23:52:43 +0300 (MSK)
	(envelope-from matrix@itlegion.ru)
X-AntiVirus: Checked by Dr.Web [version: 4.32b, engine: 4.32b, virus records:
	65366, updated: 14.02.2005]
Message-ID: <022401c512d7$e0779890$0c00a8c0@artem>
From: "Artem Kuchin" <matrix@itlegion.ru>
To: <freebsd-stable@FreeBSD.ORG>
References: <200502142022.j1EKMl5R092740@lurza.secnetix.de>
Date: Mon, 14 Feb 2005 23:58:03 +0300
Organization: IT Legion
MIME-Version: 1.0
Content-Type: text/plain;
	format=flowed;
	charset="iso-8859-1";
	reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2180
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
Subject: How to make ipfw consider MAC-IP match?
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Production branch of FreeBSD source code
	<freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Feb 2005 20:53:00 -0000

Hi!

I have a table with ethernet (MAC) addresses matching IPs. It is
used to build dhcp config file. But regardless of that any user can
assign his neighbour ips while that pc is turned off and use it to
access internet. The local ips are 192.168. and are behind natd.
I am running 5.3-STABLE and have heard that ipfw2 can in someway
use MAC addresses, but how do I setup ipfw in such a way that
it allows certain IP only from one and only one MAC address?
I hope you are getting my idea.

--
Regards,
Artem Kuchin