From owner-freebsd-net@FreeBSD.ORG  Sat Sep  6 15:26:02 2003
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 17DFF16A4BF
	for <freebsd-net@freebsd.org>; Sat,  6 Sep 2003 15:26:02 -0700 (PDT)
Received: from hysteria.spc.org (hysteria.spc.org [195.206.69.234])
	by mx1.FreeBSD.org (Postfix) with SMTP id D196C43FE1
	for <freebsd-net@freebsd.org>; Sat,  6 Sep 2003 15:26:00 -0700 (PDT)
	(envelope-from bms@hysteria.spc.org)
Received: (qmail 10160 invoked by uid 5013); 6 Sep 2003 22:22:37 -0000
Date: Sat, 6 Sep 2003 23:22:37 +0100
From: Bruce M Simpson <bms@spc.org>
To: Colin Watson <sb.mailinglist@lambdabroadband.com>
Message-ID: <20030906222237.GR1417@spc.org>
Mail-Followup-To: Bruce M Simpson <bms@spc.org>,
	Colin Watson <sb.mailinglist@lambdabroadband.com>,
	freebsd-net@freebsd.org
References: <002201c3749d$c8cf4460$0b4e1151@blackbox>
	<20030906212549.GP1417@spc.org> <012e01c374c4$d3d3a1e0$0b4e1151@blackbox>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <012e01c374c4$d3d3a1e0$0b4e1151@blackbox>
User-Agent: Mutt/1.4.1i
Organization: SPC
cc: freebsd-net@freebsd.org
Subject: Re: Packet loss problem
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 06 Sep 2003 22:26:02 -0000

On Sat, Sep 06, 2003 at 11:18:41PM +0100, Colin Watson wrote:
> I don't believe so. We pay for a leased connection - so it's not supposed to
> be filtered. I'll have a dig around tho. One other question, is their any
> way to statically map an IP to a MAC (user who keeps chainging their IP when
> they shouldn't), but prevent them associating the MAC with any other IP? .Or
> am I gonna have to dig thru some ipfw rules ?

You can force an IP to be mapped to a particular MAC address by DHCP,
if that's what you mean, but generally it means removing that IP address
from the pool, which usually means renumbering.

If however you're referring to 'only accept traffic from this IP if it
originated from this MAC address' this could be achieved with layer 2
IPFW rules - but it could be countered with MAC spoofing.

BMS