Darcy Parker <[EMAIL PROTECTED]> schrieb: >Good day all, > > I am using Leaf Bering (latest ver) and currently have my >shorewall >rules to allow a TightVNC connection only from a fixed IP address at >work. > ># DNAT to allow TightVNC from Work Only ># >DNAT net:xxx.xxx.xxx.xxx 192.168.1.100:5800 tcp http >DNAT net:xxx.xxx.xxx.xxx 192.168.1.100:5800 tcp 5800 >DNAT net:xxx.xxx.xxx.xxx 192.168.1.100:5900 tcp http >DNAT net.xxx.xxx.xxx.xxx 192.168.1.100:5900 tcp 5900 > > As I am going to be travelling with my laptop, I am woundering if >there >is a way to configure the rules to allow a TightVNC connection from a >spefic >MAC address as I will not know what my net IP address will be while I >am >away. > >If not from a specific MAC address, then is there another way?
You can't filter on the mac-address because the source and destination mac-address becomes changed be every router(this is layer 2). Only the source and destination ip-addresses (layer 3) stay the same. Using it the way you do, is unsecure anyways! But i think you know it already! :) I would suggest using ssh and portforwarding. You can allow login with private key only, which seems to be very secure and then you can tunnel your http and vnc over the encrypted ssh session. Cu -- written with FeLaMiMail ------------------------------------------------------- This SF.net email is sponsored by: Etnus, makers of TotalView, The best thread debugger on the planet. Designed with thread debugging features you've never dreamed of, try TotalView 6 free at www.etnus.com. ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html