Date: Thu, 5 Apr 2001 11:08:36 -0700 From: "Chuck Sumner" <csumner@omnisky.com> To: "'ScaryG'" <scaryg@sputnik.org>, "'Kurtis Smith'" <ksscendyn@yahoo.com> Cc: <freebsd-questions@FreeBSD.ORG> Subject: RE: Traffic shaping natd dhcp and ipfw Message-ID: <001101c0bdfb$6fe25a00$c803a8c0@CSUMNER> In-Reply-To: <008401c0bdf7$cfba03a0$0f01a8c0@phantom>
next in thread | previous in thread | raw e-mail | index | archive | help
another option would be to use group option with dhcpd to assign different
blocks to different groups. then ipfilter to block outgoing access to
certian ports for certian
address space blocks.
or refuse to work for such an employer.
while i agree that lease length time may be a dead end road, its easy to
change:
from man dhcpd.conf
The default-lease-time statement
default-lease-time time;
Time should be the length in seconds that will be assigned
to a lease if the client requesting the lease does not ask
for a specific expiration time.
chuck
-----Original Message-----
From: owner-freebsd-questions@FreeBSD.ORG
[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of ScaryG
Sent: Thursday, April 05, 2001 10:43 AM
To: Kurtis Smith
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: Traffic shaping natd dhcp and ipfw
> Well at my work they are wanting to block
> entire access including www, FTP, email for certain machines.
I don't know why you're looking at DHCP and leases.
Assuming your FreeBSD box is your gateway, you should be looking at
/etc/hosts.allow and /etc/hosts.deny I would think.
Or, adding some rules to ipfw.
I don't have any "links" to toss your way, but I'm sure 'man hosts' or
'man hosts.deny' etc may help.
-Gerry
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001101c0bdfb$6fe25a00$c803a8c0>