vivek,
u can use -m mac --mac-source option with iptables so that u define the
mac address which is permitted. it works in forward, input and
prerouting tables.
vineet
On Wed, 2002-12-25 at 21:58, vivek wrote:
> On Wed, 2002-12-25 at 10:49, Vineet Mehta wrote:
> > vivek,
> > what i have understood from ur quesitons is that, u want to configure
> > the client IP address manually (which has been specified as 192.168.0.10
> > by dhcpd.conf on server).
>
> actually i was trying to setup a machine which will assign ip addresses
> dynamically and also control net access thru iptables.
>
> i ensured that a machine with a mac add will be assigned ip add as given
> by me by specifying the following in dhcpd.conf
>
> host hostname {
> hardware ethernet 00:B0:D0:64:43:48;
> fixed-address 192.168.0.10;
> }
>
> and
>
> iptables -A FORWARD -i eth1 -o eth0 -s 192.168.0.10 -j ACCEPT
>
> in the firewall config file.
>
> now was slightly worried that if 192.168.0.10 machine is switched off,
> someone can assign 192.168.0.10 to his/her machine and access net.
>
> my method is not good though, and would appreciate if anyone can provide
> something better.
>
> thanks
>
> vivek
>
> ================================================
> To unsubscribe, send email to [EMAIL PROTECTED] with unsubscribe in subject
>header. Check archives at http://www.mail-archive.com/ilugd%40wpaa.org
>
