Hello all, Perhaps I'm looking for this the wrong way. My local network now (and hopefully temporarily) includes hostile users. I may need to exercise controls on their Internet usage by machine.
Now, I can certainly tell dhcpd to give certain machines certain IP addresses by reference to their MAC address. But that won't stop these users from allocating their own IP address and essentially bypassing dhcpd. The environment includes a lot of wireless -- most users connect this way. So I'm thinking I'd like to be able to write packet filter rules based on MAC address. I'm not necessarily going to want to simply cut off all their Internet access, but pf offers a lot of options to do what I think I might want to do, if I can make rules by MAC address. Traffic shaping and additional rules about what ports they can access come to mind. Possibly other possibilities will come to your mind -- hopefully you see what I'm thinking. Is it possible? -- David Benfell, LCP [EMAIL PROTECTED] --- Resume available at http://www.parts-unknown.org/
