From owner-freebsd-questions Thu Apr 5 11: 8:15 2001 Delivered-To: freebsd-questions@freebsd.org Received: from c015.sfo.cp.net (c015-h006.c015.sfo.cp.net [209.228.12.120]) by hub.freebsd.org (Postfix) with SMTP id E739637B440 for ; Thu, 5 Apr 2001 11:08:08 -0700 (PDT) (envelope-from csumner@omnisky.com) Received: (cpmta 8424 invoked from network); 5 Apr 2001 11:08:08 -0700 Received: from unknown (HELO CSUMNER) (209.157.244.93) by smtp.omnisky.com (209.228.12.120) with SMTP; 5 Apr 2001 11:08:08 -0700 X-Sent: 5 Apr 2001 18:08:08 GMT From: "Chuck Sumner" To: "'ScaryG'" , "'Kurtis Smith'" Cc: Subject: RE: Traffic shaping natd dhcp and ipfw Date: Thu, 5 Apr 2001 11:08:36 -0700 Message-ID: <001101c0bdfb$6fe25a00$c803a8c0@CSUMNER> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 In-Reply-To: <008401c0bdf7$cfba03a0$0f01a8c0@phantom> Importance: Normal Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG another option would be to use group option with dhcpd to assign different blocks to different groups. then ipfilter to block outgoing access to certian ports for certian address space blocks. or refuse to work for such an employer. while i agree that lease length time may be a dead end road, its easy to change: from man dhcpd.conf The default-lease-time statement default-lease-time time; Time should be the length in seconds that will be assigned to a lease if the client requesting the lease does not ask for a specific expiration time. chuck -----Original Message----- From: owner-freebsd-questions@FreeBSD.ORG [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of ScaryG Sent: Thursday, April 05, 2001 10:43 AM To: Kurtis Smith Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Traffic shaping natd dhcp and ipfw > Well at my work they are wanting to block > entire access including www, FTP, email for certain machines. I don't know why you're looking at DHCP and leases. Assuming your FreeBSD box is your gateway, you should be looking at /etc/hosts.allow and /etc/hosts.deny I would think. Or, adding some rules to ipfw. I don't have any "links" to toss your way, but I'm sure 'man hosts' or 'man hosts.deny' etc may help. -Gerry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message