Lee Brown wrote: >I'm sorry Tom, but I don't understand how the leases assigned from >the DHCP server automatically add MAC's it has given an address out >to, nor remove MAC's for expired leases. >If I understand the example correctly, that is essentially accepting >traffic from a fixed list, maclist is a static filter, correct?
Correct. What you are asking for isn't available natively in Shorewall - you would need some external glue to handle that. The ISC DHCP server has hooks so you can call external scripts for various events - though you'd need to add a buffering layer as interacting directly with Shorewall (especially if it involves a restart to load a modified config) may be too slow for anything but a very lightly loaded DHCP server. -- Simon Hobson Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed author Gladys Hobson. Novels - poetry - short stories - ideal as Christmas stocking fillers. Some available as e-books. ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
