[ previous ] [ next ] [ threads ]
 
 From:  Michael Mee <mm2001 at pobox dot com>
 To:  Quark IT - Hilton Travis <hilton at quarkit dot com dot au>
 Cc:  m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall-dev] DHCP Server request
 Date:  Mon, 21 Feb 2005 00:07:41 -0800 
I think someone suggested this before, but if you add a RADIUS server
into the mix, doesn't that solve all your problems (at the price of
either another box or a hosted RADIUS account)?

I.e., instead of a MAC based model, you end up with a user based model
with all the admin options that a RADIUS server provides.

Quark IT - Hilton Travis wrote:
> 1. The ability to just disable a particular MAC/IP from being on the 
> "Pass-Thru" or "Block" list, not having to delete it totally -
> somewhat like in the Firewall Rules section where a rule can be
> configured but disabled.

One hack that might prove workable for you for this item is to use the
Description field in a way that allows disable. E.g. something

Pass-through MAC listing before:
00:80:c8:ac:fb:64  Dan on 1st floor

Pass-through MAC listing after disabling:
99:99:99:99:99:01  Dan on 1st floor - 00:80:c8:ac:fb:64

I.e., put in a dummy MAC as a place-holder for Dan's info which is
actually in the comment. You could do something similar with IPs. I
posit that you could train someone to do this without too much hassle
(less hassle than gathering the MAC info in the first place :->).

cheers, michael