[ previous ] [ next ] [ threads ]
 
 From:  YvesDM <ydmlog at gmail dot com>
 To:  "Lee Sharp" <leesharp at hal dash pc dot org>
 Cc:  "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] deny certain mac address from getting an ip?
 Date:  Sun, 15 Jun 2008 20:02:43 +0200 
On Sun, Jun 15, 2008 at 7:47 PM, Lee Sharp <leesharp at hal dash pc dot org> wrote:

> YvesDM wrote:
>
>  So I blocked all dest. p25 traffic from his ip of with a firewall rule on
>> the LAN if (on top of the list, so above lan net->any) , but somehow he
>> still manages to crash the system.
>>
>
> Note that blocking and rejecting are different.  Specifically, one creates
> a state.  Which are you doing?


I did block them, not reject.

>
>
> As to assigning a bogus IP, I know the GUI does sanity checking, but does
> the config file?  What if you assign a static IP, save the config, change it
> in the config to 127.0.0.1, and upload the config?  Or just give it a
> totally invalid IP with no route to the firewall?
>
>                        Lee


Damn lee, good idea!
My problem is solved for now, but i will sure test this out on a testbox
this week and post the results.
This can be very very handy in the future! Tnx!

Kind regards,
Y.