From owner-freebsd-questions@FreeBSD.ORG  Tue Jun 24 18:59:32 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 12EF61065671
	for <freebsd-questions@freebsd.org>;
	Tue, 24 Jun 2008 18:59:32 +0000 (UTC) (envelope-from cswiger@mac.com)
Received: from smtpoutm.mac.com (smtpoutm.mac.com [17.148.16.66])
	by mx1.freebsd.org (Postfix) with ESMTP id 0474C8FC14
	for <freebsd-questions@freebsd.org>;
	Tue, 24 Jun 2008 18:59:31 +0000 (UTC) (envelope-from cswiger@mac.com)
Received: from asmtp014.mac.com (asmtp014-bge351000 [10.150.69.77])
	by smtpoutm.mac.com (Xserve/smtpout003/MantshX 4.0) with ESMTP id
	m5OIxVnM007878 for <freebsd-questions@freebsd.org>;
	Tue, 24 Jun 2008 11:59:31 -0700 (PDT)
MIME-version: 1.0
Content-transfer-encoding: 7BIT
Content-type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
Received: from cswiger1.apple.com ([17.227.140.124])
	by asmtp014.mac.com (Sun Java(tm) System Messaging Server 6.3-6.03
	(built Mar
	14 2008; 32bit)) with ESMTPSA id <0K2Z00G9DE36ED40@asmtp014.mac.com> for
	freebsd-questions@freebsd.org; Tue, 24 Jun 2008 11:59:31 -0700 (PDT)
From: Chuck Swiger <cswiger@mac.com>
To: Yavuz Maslak <maslak@ihlas.net.tr>
In-reply-to: <3d1301c8d62a$1992f110$dc96eed5@ihlasnetym>
X-Priority: 3
References: <3d0101c8d61f$65630ea0$dc96eed5@ihlasnetym>
	<E866FCED-6BE9-4B3A-9790-7D0580612773@mac.com>
	<3d1301c8d62a$1992f110$dc96eed5@ihlasnetym>
Message-id: <8678FE05-A8BA-4718-A091-E9EB8A9DBBF1@mac.com>
Date: Tue, 24 Jun 2008 11:59:30 -0700
X-Mailer: Apple Mail (2.924)
Cc: freebsd-questions@freebsd.org
Subject: Re: how to reject all mac addresses except some mac addresses using
 ipfw?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Jun 2008 18:59:32 -0000

[ ...please don't top-post... ]

On Jun 24, 2008, at 11:42 AM, Yavuz Maslak wrote:
> But  I should have asked different my first question.
> I have meant that how can I restrict to use an ip address which I  
> already
> assigned to a computer, anyone can use at his pc?

There is nothing which can prevent someone from configuring a machine  
to use any IP address they want to set, assuming they have admin  
access to that machine.

Normally, you don't grant physical access to your network for people  
you don't trust, but if you need to provide network access to  
untrustworthy systems, then you need to look into setting up access  
control via VLANs, or maybe PPPoE, or something similar where you can  
isolate their network and only let their traffic talk to other things  
if they connect "properly"...

Regards,
-- 
-Chuck