Re: users bypassing shaper limitation

To: debian-isp@lists.debian.org
Subject: Re: users bypassing shaper limitation
From: ressu@uusikaupunki.fi (Sami Haahtinen)
Date: Sun, 1 Jul 2001 14:30:33 +0300
Message-id: <[🔎] 20010701143033.A927@zanaga.uusikaupunki.fi>
Mail-followup-to: debian-isp@lists.debian.org
In-reply-to: <[🔎] 20010630120728.A1167@einstein.watersend>

On Sat, Jun 30, 2001 at 12:07:28PM +0100, Karl E. Jorgensen wrote:
> On Sat, Jun 30, 2001 at 06:23:19AM +0200, Maurice Verhagen wrote:
> > This first that pops into mind is use DHCP and give a IP-lease to the
> > machines in your local network based on the NIC's Mac address. I
> > guess the only way out for the "bad guys" is to swap the NICs from another
> > machine to get the same effect as changing the IPs now.
> 
> Nope. DHCP does not prevent people from changing their IP
> addresses, it merely makes it marginally more difficult. 
> Besides, the bad guys may choose not to use DHCP - this is
> entirely up to the config on the client machines.

but if you make dynamic firewall rules based on the leases file,
blocking all outside traffic, it would be efficient enough.

Sami

-- 
			  -< Sami Haahtinen >-
      -[ Is it still a bug, if we have learned to live with it? ]-
	-< 2209 3C53 D0FB 041C F7B1  F908 A9B6 F730 B83D 761C >-

Reply to:

Follow-Ups:
- Re: users bypassing shaper limitation
  - From: Gerard MacNeil <macneil@supercity.ns.ca>

References:
- Re: users bypassing shaper limitation
  - From: "Karl E. Jorgensen" <karl@jorgensen.com>

Prev by Date: Re: users bypassing shaper limitation
Next by Date: Re: users bypassing shaper limitation
Previous by thread: Re: users bypassing shaper limitation
Next by thread: Re: users bypassing shaper limitation
Index(es):
- Date
- Thread