From owner-freebsd-questions@FreeBSD.ORG Mon Sep 8 02:48:51 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0B97216A4C0 for ; Mon, 8 Sep 2003 02:48:51 -0700 (PDT) Received: from void.xpert.com (mail.xpert.com [199.203.132.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0101F43F3F for ; Mon, 8 Sep 2003 02:48:49 -0700 (PDT) (envelope-from Yonatan@xpert.com) Received: from void.xpert.com (localhost [127.0.0.1]) by void.xpert.com (8.12.8/8.12.8) with ESMTP id h88AA9nt019919 for ; Mon, 8 Sep 2003 13:10:09 +0300 Received: from EXCHANGE.xpert.com (exchange.xpert.com [199.203.132.135]) by void.xpert.com (8.12.8/8.12.8) with ESMTP id h88AA8ux019914 for ; Mon, 8 Sep 2003 13:10:08 +0300 content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-MIMEOLE: Produced By Microsoft Exchange V6.0.6375.0 Date: Mon, 8 Sep 2003 12:47:35 +0300 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Binding MAC to IP Statically Thread-Index: AcN17ffw+mfeFleFQICxjQjfYKN3TQAAQSvA From: "Yonatan Bokovza" To: Subject: RE: Binding MAC to IP Statically X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Sep 2003 09:48:51 -0000 > -----Original Message----- > From: Timur [mailto:thor@telecom.sarkor.uz] > Sent: Monday, September 08, 2003 12:34 > To: Yonatan Bokovza > Cc: freebsd-questions@freebsd.org > Subject: Re: Binding MAC to IP Statically >=20 >=20 > On Mon, Sep 08, 2003 at 12:07:33PM +0300, Yonatan Bokovza wrote: > > > -----Original Message----- > > > From: Chuck Swiger [mailto:cswiger@mac.com] > > > Sent: Sunday, September 07, 2003 23:10 > > > To: Colin Watson > > > Cc: freebsd-questions@freebsd.org > > > Subject: Re: Binding MAC to IP Statically > > >=20 > > >=20 > > > Colin Watson wrote: > > > [ ...rewrapped to 80-columns... ] > > > > Any way to bind a MAC address statically to an IP?. I wish=20 > > > to do this to > > > > prevent a user from changing his IP address on the subnet,=20 > > > so if he does he > > > > can't pass traffic. I have experimented with ipfw, but I=20 > > > can't quite see how > > > > I could accomplish the binding of a IP statically to a=20 > > > nic's MAC. Any ideas > > > > be appericated. > > >=20 > > > IPFW2 lets you perform firewall actions on a MAC address,=20 > > > rather than an IP. > > >=20 > > > You can configure a DHCP server to staticly allocate an IP=20 > > > address to that=20 > > > machine via something like this in {/usr/local}/etc/dhcpd.conf: > > >=20 > > > host pi.codefab.com { > > > hardware ethernet 00:00:00:00:00:00; > > > fixed-address 66.234.138.67; > > > } > >=20 > > Look for static arp. The basic idea is that you tell your > > interface to not use arp (see ifconfig(8) -arp) and give > > it a static binding of MAC addresses to IP addresses > > (see arp(8) -f). >=20 > This solves the problem, but creates another one - your clients must > statically bound MAC address of your router (default gateway) to IP > address. Correct. It is best for small, unchanging networks. DMZ for example.