There is no way unless the firewall is between all machines ie. each machien MUST go through the firewall ) which is pretty damn useless. That's where you run DHCP and use good network management. I have a s^%$ load of network connections into work and it's so complex that noone here wants to know about IP assignments etc.etc.. I have this: DHCP for main network 192.168.0.129-200 Dialup for 8 modems 192.168.0.121-128 DHCP static assign workstations (known hosts get this via MAC listings) 192.168.0.65-120 Servers (Manual IP entered) 192.168.0.1-63 THEN, I have VPN clients which come over on another subnet an route through it via the 192.168.0.254 firewall IP.. and then there's the clients who come over the VPN and on the same IP but are blocked except for the server/port they are allowed access to.. damn confusing really. But the main thing is that I've never had a conflict, ever.. the reason the workstations are all static assigned DHCP addresses is because we wanted it so if anybody hooks into our network (visitors) they are given an IP of 192.168.0.129 and up.. this range is blocked on the firewall and gives no internet access... Hope this gave you some insight... hope it also didn't mean I wasted my times typing it ;P Thanks, ____________________________________________ George Vieira Systems Manager georgev@xxxxxxxxxxxxxxxxxxxxxx Citadel Computer Systems Pty Ltd http://www.citadelcomputer.com.au -----Original Message----- From: Dhyanesh Ramaiya [mailto:dhyanesh@xxxxxxxxxxxxx] Sent: Friday, May 23, 2003 1:01 AM To: netfilter@xxxxxxxxxxxxxxxxxxx Subject: IP conflicts Dear all, Is there any way to prevent IP address conflicts on a network using iptables? Can the MAC address match support or MIRROR target support help to avoid IP address conflicts? Please suggest any other ways possible to do that. Thank you very much. Dhyanesh Ramaiya
