[ previous ] [ next ] [ threads ]
 
 From:  "Michael Graves" <mgraves at mstvp dot com>
 To:  "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>, "Jon Saints" <saintsjd at yahoo dot com>
 Subject:  Re: [m0n0wall] Adding MAC filter to monowall
 Date:  Sat, 25 Nov 2006 10:08:38 -0600
On Sat, 25 Nov 2006 02:35:31 -0800 (PST), Jon Saints wrote:

>Yes, the "DHCP deny unknow clients" is almost is what
>we need.  The problem is for users who just choose a
>static IP address. What we really want is an option
>like "only allow access if a user has obtained a DHCP
>lease from this router"
>
>Then we could use the 'static address' feature to
>register MACs that we want to permit.
>
>MAC filter, while easy to work around for a determined
>user, would prevent un-determined users from simply
>being able to just plug in and use internet resources.
>This is what we are trying to accomplish.
>
>But your point is a good one. Perhaps all we need is
>to add "only allow access if a user has obtained a
>DHCP lease from this router" feature instead of a
>whole MAC filter feature.

I suspect that what you seek is already there. You don't need to assign
addresses to the MACs listed in the filter. When you don't they get
assigned IPs from the DHCP pool. Clients that are not one of the listed
MACs simply don't get an IP address at all.

Michael

--
Michael Graves                           mgraves at pixelpower dot com
Sr. Product Specialist                          www.pixelpower.com
Pixel Power Inc.                                 mgraves at mstvp dot com

o713-861-4005
o800-905-6412
c713-201-1262
skye mjgraves
fwd 54245