On Sat, Mar 05, 2011 at 05:55:54PM +0100, Matej Kovacic wrote: > Hi, > > > We've talked about this sort of vague plan in the past, tweaking the > > firewall settings based on your location. Obviously that doesn't work > > so well for wired because you're never 100% what network you're > > connected to, but for wifi if the AP requires a passphrase or is WPA > > Enterprise, you're pretty sure you can trust your location. > What about arp -a or nmap gateway IP?
Using the MAC address of the gateway as discovered by ARP seems reasonable, but nmapping the gateway IP is not. I will ban any device on my network that scans the router. Keep in mind though that sometimes the MAC address might change...like various redundancy setups, hardware replacement, etc. It might also change if you plug into a different subnet of the same router in the same administrative domain (or it might not, depending on the model and configuration of the router(s)). That could be useful or not depending on your perspective. I suppose that would happen infrequently enough that the MAC address is "good enough" for a stable LAN identifier. Ideally, the user should be able to pick a location such that they could associate the same location with the various subnets and/or WiFI SSIDs they connect to that are part of the same administrative domain. _______________________________________________ networkmanager-list mailing list networkmanager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list