On Fri, 1 May 1998, Richard Potter wrote:
> Is there anyway available to restrict access to services, based on the
> clients MAC address, rather than their ip?
No, because the MAC address isn't part of TCP/IP. All that is required of
a TCP/IP connection is that it have an IP number and that's as good as you
can get. This is good, because otherwise a lot of things that are part of
the Internet wouldn't work. (T-1/T-3/OCx, modems, token rings, frame
relay, etc.)
> I have clients coming in through the internet, with cable modems, whose
> ip's change every so often. I am now restricting access by ip, but this
> has to reworked when their ip changes.
You need to set up an actual authentication system, then. Note that on
the Internet, you really can't rely on the IP address being accurate for a
hostile system anyway. Alternatively, you could take advantage of how
DHCP works and just "lock" the cable modems' IP addresses in. One ping
per hour probably ought to do it. :)
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
To unsubscribe: mail [EMAIL PROTECTED] with
"unsubscribe" as the Subject.
