From owner-freebsd-questions@FreeBSD.ORG  Fri Aug 20 18:01:37 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 931AB16A4CF
	for <freebsd-questions@freebsd.org>;
	Fri, 20 Aug 2004 18:01:37 +0000 (GMT)
Received: from out005.verizon.net (out005pub.verizon.net [206.46.170.143])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 2B18143D2F
	for <freebsd-questions@freebsd.org>;
	Fri, 20 Aug 2004 18:01:37 +0000 (GMT)	(envelope-from cswiger@mac.com)
Received: from [192.168.1.3] ([68.160.193.218]) by out005.verizon.net
          (InterMail vM.5.01.06.06 201-253-122-130-106-20030910) with ESMTP
          id <20040820180136.ZHXZ8887.out005.verizon.net@[192.168.1.3]>;
          Fri, 20 Aug 2004 13:01:36 -0500
Message-ID: <41263C76.7070102@mac.com>
Date: Fri, 20 Aug 2004 14:01:26 -0400
From: Chuck Swiger <cswiger@mac.com>
Organization: The Courts of Chaos
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
	rv:1.7.2) Gecko/20040803
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Wayne M Barnes <wayne@etaq.com>
References: <20040820172222.GA65972@etaq.com>
In-Reply-To: <20040820172222.GA65972@etaq.com>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Authentication-Info: Submitted using SMTP AUTH at out005.verizon.net from
	[68.160.193.218] at Fri, 20 Aug 2004 13:01:36 -0500
cc: freebsd-questions@freebsd.org
Subject: Re: dhcpd MAC filter
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Aug 2004 18:01:37 -0000

Wayne M Barnes wrote:
>     Is there a way to allow or disallow certain computers by their
> MAC number?

ipfw 2 supports firewalling by MAC address, so yes.

>     This ability comes with the software on my wireless access point,
> but I prefer that my FreeBSD system hand out the IP addresses,
> and I cannot find this MAC-filtering ability at man dhcpd.
> 
>    isc-dhcp3-server-3.0.1.r14_2 is my installed port.
> Is there another dhpcd to try?

You can specify MAC addresses in your DHCP config to reserve specific IP 
addresses for specific machines.  I'm not sure whether there is a way to tell 
DHCP not to grant a lease to MAC addresses which are not found, but then, 
without using a firewall, someone could manually configure a foreign host to 
use the connection, regardless of whether they can get a DHCP lease.

-- 
-Chuck