From owner-freebsd-isp Sat Nov 18 7:54: 3 2000 Delivered-To: freebsd-isp@freebsd.org Received: from mail.psknet.com (orion.psknet.com [207.198.61.253]) by hub.freebsd.org (Postfix) with SMTP id 6C3A037B479 for ; Sat, 18 Nov 2000 07:54:00 -0800 (PST) Received: (qmail 13681 invoked from network); 18 Nov 2000 15:53:52 -0000 Received: from abyss.dashit.net (HELO abyss) (209.100.22.250) by orion.psknet.com with SMTP; 18 Nov 2000 15:53:52 -0000 From: "Troy Settle" To: "Evren Yurtesen" , Subject: RE: limiting user activitiy via MAC addresses Date: Sat, 18 Nov 2000 10:55:52 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Importance: Normal X-AntiVirus: scanned for viruses by Pulaski Networks (http://www.psknet.com) using AMaViS (http://www.amavis.org) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Evren, I've never attempted this, but you might be able to achive your goals through the use of static arp entries and using ipfw to block any unused IP addresses. This would effectively restrict individual machines to a single, predefined IP address. The arp man page will show you how to create a permanent static arp entry. To simplify configuration, you might want to look into DHCP for address assignment. -- Troy Settle Pulaski Networks 540.994.4254 It's always a long day, 86400 doesn't fit into a short. ** -----Original Message----- ** From: owner-freebsd-isp@FreeBSD.ORG ** [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Evren Yurtesen ** Sent: Saturday, November 18, 2000 10:11 AM ** To: freebsd-isp@freebsd.org ** Subject: limiting user activitiy via MAC addresses ** ** ** Is it possible to limit users connectivity via MAC ** address? ** ** I have a freebsd gateway and I want some users in ** my LAN to be able to connect to internet and some ** of them to not to. I looked over ipfw but it is ** very easy to change your IP address from Windows ** and get another IP which is not restricted which ** belongs to the users who should be able to connect ** to internet. So it seems that using IP addresses to ** limit connectivity would be quite inefficent but ** the MAC address would be fine. ** ** Or any other better suggestions? probably some kind ** of authentication? ** ** Evren ** ** ** ** To Unsubscribe: send mail to majordomo@FreeBSD.org ** with "unsubscribe freebsd-isp" in the body of the message ** ** To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message