You can make a file with pairs of <ip> <mac> and load it with arp -f , or man ethers then you can make firewall rules based on ips only, of course don;t forget to drop traffic in FORWARD which not match your clients's source ip. On Wed, 19 Jan 2005 02:36:03 -0800 (PST), Linux Query <linux_query@xxxxxxxxx> wrote: > > Hi all! > > I want to ensure that each of my clients can have > access to the net only with the ip address which is > specifically assigned to him / her. Is the following > going to work ? > > iptables -I FORWARD -o externalinterface -s > xx.xx.xx.xx -m mac --mac-source yy:yy:yy:yy:yy -j > ACCEPT > > or is it required to be done in some other way ? > > thanks and regards to all, > jim. > > > __________________________________ > Do you Yahoo!? > The all-new My Yahoo! - Get yours free! > http://my.yahoo.com > > -- Bla bla
