Date: Tue, 15 Feb 2005 15:53:16 +0300 From: Igor Robul <igorr@speechpro.com> To: freebsd-stable@freebsd.org Subject: Re: How to make ipfw consider MAC-IP match? Message-ID: <4211F0BC.1070301@speechpro.com> In-Reply-To: <022401c512d7$e0779890$0c00a8c0@artem> References: <200502142022.j1EKMl5R092740@lurza.secnetix.de> <022401c512d7$e0779890$0c00a8c0@artem>
next in thread | previous in thread | raw e-mail | index | archive | help
Artem Kuchin wrote: > Hi! > > I have a table with ethernet (MAC) addresses matching IPs. It is > used to build dhcp config file. But regardless of that any user can > assign his neighbour ips while that pc is turned off and use it to > access internet. The local ips are 192.168. and are behind natd. > I am running 5.3-STABLE and have heard that ipfw2 can in someway > use MAC addresses, but how do I setup ipfw in such a way that I use Samba computer names for this. If user changes computer name, then he will not be able login to domain, and will not able do his job. I dont restrict very much access to Internet, just do accounting. It is easy modify my setup to use user names instead of computer names. Accounting is done with trafd and 2 or 3 shell scripts. Maybe you need something like this? If you wish, I can post my scripts.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4211F0BC.1070301>