blocking a host
Olivier Nicole
on at cs.ait.ac.th
Sun Sep 25 19:36:58 PDT 2005
// why would you want such a host on your network? if you run a isp of some
// sort and it's a customer who wants to steal static IP's. Why not give
// him one and charge extra? Or design the network better?
I'd say there are plenty of cases where you need to deny access by MAC
rather than by IP.
An example: we are a learning institution, students have their own
laptop (some of them at least). When they abuse the usage policy, we
want to block them by MAC because the IP is dynamic and so does not
reflect one specific machine.
(OK they will change the MAC too, but that kind of think will get them
denied of internet access for good).
Olivier
More information about the freebsd-ipfw
mailing list