[ previous ] [ next ] [ threads ]
 From:  Peter Allgeyer <allgeyer at web dot de>
 To:  Dave Evans <dave dot whangarei at gmail dot com>
 Cc:  Monowall List <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] How to track a changing external IP to access thewebGUI
 Date:  Tue, 19 Jul 2005 11:26:52 +0200
Hi Dave!

Am Dienstag, den 19.07.2005, 21:18 +1200 schrieb Dave Evans:
> If you were considering the ability to allow DNS names in rulesets, would 
> the use of (optional) permitted MAC addresses per domain name decrease the 
> security risk or just be an increase in the configuration overheads with no 
> real advantage ?

Unfortunately I can't follow you in this point. What is the relationship
of MAC addresses to domain names? To filter for MAC addresses the
related hosts must be on the same subnet as of the firewall.
Furthermore, it's expected that the hosts are connected via ethernet.

Ciao ...
	... PIT ...

 copyleft(c) by |           Odd that we think definitions are
 Peter Allgeyer |   _-_     definitive. :-)  -- Larry Wall in
                | 0(o_o)0   <199702221943 dot LAA20388 at wall dot org>