From owner-freebsd-questions Thu Apr 5 12:51:29 2001 Delivered-To: freebsd-questions@freebsd.org Received: from cody.jharris.com (cody.jharris.com [205.238.128.83]) by hub.freebsd.org (Postfix) with ESMTP id C34CC37B507 for ; Thu, 5 Apr 2001 12:51:26 -0700 (PDT) (envelope-from nick@rogness.net) Received: from localhost (nick@localhost) by cody.jharris.com (8.11.1/8.9.3) with ESMTP id f35Kt1e12496; Thu, 5 Apr 2001 15:55:02 -0500 (CDT) (envelope-from nick@rogness.net) Date: Thu, 5 Apr 2001 15:55:01 -0500 (CDT) From: Nick Rogness X-Sender: nick@cody.jharris.com To: ScaryG Cc: Kurtis Smith , freebsd-questions@FreeBSD.ORG Subject: Re: Traffic shaping natd dhcp and ipfw In-Reply-To: <008401c0bdf7$cfba03a0$0f01a8c0@phantom> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, 5 Apr 2001, ScaryG wrote: > > Well at my work they are wanting to block > > entire access including www, FTP, email for certain machines. > > I don't know why you're looking at DHCP and leases. > > Assuming your FreeBSD box is your gateway, you should be looking at > /etc/hosts.allow and /etc/hosts.deny I would think. > > Or, adding some rules to ipfw. > > I don't have any "links" to toss your way, but I'm sure 'man hosts' or > 'man hosts.deny' etc may help. You should add firewall rules via ipfw to block them (if your BSD machine is the gateway for those machines you want to block). Give them a static IP in DHCP and block them via ipfw: ipfw add deny tcp from X.X.X.X to any 80 Where X.X.X.X is the machine on your local net that you want to block. Nick Rogness - Keep on Routing in a Free World... "FreeBSD: The Power to Serve!" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message