I am setting up a server in a school network that runs a squid cache (1.1) with proxy authentication. The server is dual-homed with one interface on the internet (56K) and functions as a simple firewall. The server also runs dhcpd, primarily serving out pre-defined IP addresses based upon hardwarte addresses to macs running MacTCP and Open Transport. This setup provides excellent performance and an auditable log of web accesses while protecting the internal network; the macs have no other route to the internet.
However, the macs are physically unsecured, although students are unlikely to monkey with the hardware. Hence, any moderately enterprising prankster could manage to alter the networking setup either directly or by loading a bootleg AdminTCP program or some such. Thus they could set the IP address explicitly. This would jeopardize one of my audit capabilities: identifying the hardware location of the person making a request. What I would like to do is validate that the IP address and the hardware address of any request correspond to those in my dhcpd.conf. ARP/RARP provide the raw tools to do this. What I am looking for is an easy way! Perhaps I could hack redir...but I am sure someone must have already addressed this with a utility. Michael -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]