On Friday 17 June 2005 13:31, Ernest Byaruhanga wrote: > Christopher Nambale/Bushnet wrote the following on 06/17/2005 12:20 PM > > > I guess he means it's a little cumbersome to do it your way. > > Imagine a network of 500 machines or one where people with new > > computers join and leave by the hour. > > thats not what he wrote.
Actually he did. Basically your solution says that you define all known machines and deny all others by default while he wants something that is a mix of having some defined addresses, some random and a specific list of denied MAC addresses. However I think on the practical level he is better of blocking at the switch rather than in this way. it is pretty trivial to pick a random ip address if you know the range in use and the relevant gateway and this can cause even worse havoc. In any case, what are you trying to block them from accessing? You could simply put those particular clients on a separate V-LAN. -- Noah. ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ "Today's Excellence is tomorrow's mediocrity" --Robb Thompson _______________________________________________ LUG mailing list [email protected] http://kym.net/mailman/listinfo/lug %LUG is generously hosted by INFOCOM http://www.infocom.co.ug/
