From owner-freebsd-questions@FreeBSD.ORG  Tue Jul 26 11:48:00 2011
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B02D31065670
	for <freebsd-questions@freebsd.org>;
	Tue, 26 Jul 2011 11:48:00 +0000 (UTC)
	(envelope-from b.smeelen@ose.nl)
Received: from mail.ose.nl (mail.ose.nl [212.178.134.164])
	by mx1.freebsd.org (Postfix) with ESMTP id 486488FC18
	for <freebsd-questions@freebsd.org>;
	Tue, 26 Jul 2011 11:47:59 +0000 (UTC)
X-Footer: b3NlLm5s
Received: from localhost ([127.0.0.1]) by mail.ose.nl
	(using TLSv1/SSLv3 with cipher AES256-SHA (256 bits))
	for freebsd-questions@freebsd.org; Tue, 26 Jul 2011 13:47:57 +0200
Message-ID: <4E2EA96D.8010606@ose.nl>
Date: Tue, 26 Jul 2011 13:47:57 +0200
From: Bas Smeelen <b.smeelen@ose.nl>
User-Agent: Mozilla/5.0 (X11; Linux i686;
	rv:5.0) Gecko/20110627 Thunderbird/5.0
MIME-Version: 1.0
To: freebsd-questions@freebsd.org
References: <39BA5203083441F49B797E0E12C7B03D@desktop2002>
In-Reply-To: <39BA5203083441F49B797E0E12C7B03D@desktop2002>
Content-Type: text/plain;
	charset="ISO-8859-9"
Content-Transfer-Encoding: quoted-printable
Subject: Re: How to deny getting static ip address via pf ?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Jul 2011 11:48:00 -0000

On 07/26/2011 12=3A44 PM=2C Yavuz Ma=FE=6C=61=6B=20wrote=3A
=3E Hello=20
=3E
=3E I use pf on freebsd as packet filter=2E
=3E
=3E I have a wireless area=2E The users get to the internet using automatic=
 ip
=3E from the dhcp server=2E=20
=3E I wish to deny to assign a static ip address by manual=2E=20
=3E
=3E How can I do that with pf or ipfw or another thing=3F
=3E
=3E thanks
=3E
Hi
You cannot deny a client to set a static IP address on the client machine=
=2C
except when you have control over the client machine=2E
You can allow access with pf or ipfw only for the DHCP address range you
give out to clients and for static addresses you may have configured
yourself on some network devices that need access=2E If your firewall defau=
lts
to deny =28default=29 all other IP addresses are denied=2C otherwise deny t=
hose
addresses=2E


DISCLAIMER=3A This e-mail is for the intended recipient=28s=29 only=2E Acce=
ss=2C disclosure=2C copying=2C
distribution or reliance on any of it by anyone else is prohibited=2E If yo=
u have received it
by mistake please let us know by reply and then delete it from your system=
=2E