From owner-freebsd-questions@FreeBSD.ORG Fri Aug 20 18:01:37 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 931AB16A4CF for ; Fri, 20 Aug 2004 18:01:37 +0000 (GMT) Received: from out005.verizon.net (out005pub.verizon.net [206.46.170.143]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2B18143D2F for ; Fri, 20 Aug 2004 18:01:37 +0000 (GMT) (envelope-from cswiger@mac.com) Received: from [192.168.1.3] ([68.160.193.218]) by out005.verizon.net (InterMail vM.5.01.06.06 201-253-122-130-106-20030910) with ESMTP id <20040820180136.ZHXZ8887.out005.verizon.net@[192.168.1.3]>; Fri, 20 Aug 2004 13:01:36 -0500 Message-ID: <41263C76.7070102@mac.com> Date: Fri, 20 Aug 2004 14:01:26 -0400 From: Chuck Swiger Organization: The Courts of Chaos User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.2) Gecko/20040803 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Wayne M Barnes References: <20040820172222.GA65972@etaq.com> In-Reply-To: <20040820172222.GA65972@etaq.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Authentication-Info: Submitted using SMTP AUTH at out005.verizon.net from [68.160.193.218] at Fri, 20 Aug 2004 13:01:36 -0500 cc: freebsd-questions@freebsd.org Subject: Re: dhcpd MAC filter X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Aug 2004 18:01:37 -0000 Wayne M Barnes wrote: > Is there a way to allow or disallow certain computers by their > MAC number? ipfw 2 supports firewalling by MAC address, so yes. > This ability comes with the software on my wireless access point, > but I prefer that my FreeBSD system hand out the IP addresses, > and I cannot find this MAC-filtering ability at man dhcpd. > > isc-dhcp3-server-3.0.1.r14_2 is my installed port. > Is there another dhpcd to try? You can specify MAC addresses in your DHCP config to reserve specific IP addresses for specific machines. I'm not sure whether there is a way to tell DHCP not to grant a lease to MAC addresses which are not found, but then, without using a firewall, someone could manually configure a foreign host to use the connection, regardless of whether they can get a DHCP lease. -- -Chuck