
Re: ISC dhcp3 server + iptables



Hi,

Since you are using macmatch module, I presume you already have the mac
address of all if not most clients handled by your firewall box.

So you could add a host{} section to the DHCP config, matching MAC
addresses to IP addresses for your known clients.

Example:
	host fixed-ip-xx {
		hardware ethernet xx:xx:xx:xx:xx:xx;
		fixed-address xxx.xxx.xxx.xxx;
	}

This way DHCP will assign each client the specific address matching its
MAC address.

However, if what you intend is to add new clients
automatically... (I wonder what for)... you'll need to do
something else; DHCP, as the name says, does only DHCP.

You could add a DHCP group for unknown clients, give it a different
subnet, and iptable all outgoing port 80 from that subnet to your
Apache box.

Then on the Apache box, set up a page that will authenticate users based on
whatever authentication you prefer, then simple scripting to add new
rules for clients, and maybe update dhcpd.conf (not recommended).

The above is a DHCP authentication I've used, quite complicated but it
works.

However, if you're only looking to use DHCP and have all your clients'
MAC addresses, the DHCP host statement will work fine for you.



Regards,
Murf.




On Fri, 2005-02-18 at 10:55 +0100, Christoph Mayer wrote:
> Hi,
> I want to manage access to the Internet
> based on the MAC/IP-Address Combination of
> my customers.
> I accomplished this task with the MAC-IP matching
> module from http://www.firerack.com/Members/admin/macmatch .
> It works fine if all the customers have a fixed IP Address.
> 
> But how can I do this when I want to assign IP-Addresses
> with DHCP ?
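
The setup described in the reply above, as an added example that is not part of the original message or of any project's code: one inventory generates both the dhcpd.conf host{} stanzas and the matching firewall rules, so the MAC/IP pairs cannot drift apart, and malformed or duplicate entries are rejected before they reach either config. It assumes the stock iptables `mac` match rather than the macmatch module, and the subnets, portal address and client entries are constructed values.

```python
import ipaddress
import re

# Constructed inventory: (label, MAC, IP); addresses are documentation ranges.
CLIENTS = [("alice", "00:16:3E:00:00:01", "192.0.2.10"),
           ("bob", "00:16:3e:00:00:02", "192.0.2.11")]
KNOWN_NET = ipaddress.ip_network("192.0.2.0/25")      # assumed: registered clients
UNKNOWN_NET = ipaddress.ip_network("192.0.2.128/25")  # assumed: unknown clients
PORTAL = "192.0.2.5"                                  # assumed: Apache box
MAC_RE = re.compile(r"[0-9a-f]{2}(:[0-9a-f]{2}){5}")
NAME_RE = re.compile(r"[a-z0-9-]+")

def validated(clients):
    """Normalise entries; reject anything that could corrupt either config."""
    seen_mac, seen_ip, out = set(), set(), []
    for name, mac, ip in clients:
        mac, addr = mac.lower(), ipaddress.ip_address(ip)  # raises on a bad IP
        if not NAME_RE.fullmatch(name) or not MAC_RE.fullmatch(mac):
            raise ValueError(f"bad name or MAC in entry {name!r}")
        if addr not in KNOWN_NET:
            raise ValueError(f"{addr} is outside {KNOWN_NET}")
        if mac in seen_mac or addr in seen_ip:
            raise ValueError(f"duplicate MAC or IP in entry {name!r}")
        seen_mac.add(mac)
        seen_ip.add(addr)
        out.append((name, mac, str(addr)))
    return out

def dhcpd_hosts(clients):
    """host{} stanzas for dhcpd.conf, one per known client."""
    return "\n".join(
        f"host {n} {{\n\thardware ethernet {m};\n\tfixed-address {a};\n}}"
        for n, m, a in validated(clients))

def iptables_rules(clients):
    """Firewall rules built from the same inventory as the DHCP stanzas."""
    rules = ["iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"]
    rules += [f"iptables -A FORWARD -s {a} -m mac --mac-source {m} -j ACCEPT"
              for _, m, a in validated(clients)]
    rules += [  # unknown subnet: web traffic goes to the portal, the rest is dropped
        f"iptables -t nat -A PREROUTING -s {UNKNOWN_NET} -p tcp --dport 80 "
        f"-j DNAT --to-destination {PORTAL}:80",
        f"iptables -A FORWARD -s {UNKNOWN_NET} -d {PORTAL} -p tcp --dport 80 -j ACCEPT",
        "iptables -A FORWARD -j DROP"]
    return rules

if __name__ == "__main__":
    print(dhcpd_hosts(CLIENTS))
    print("\n".join(iptables_rules(CLIENTS)))
```

A MAC/IP match only ties traffic to values the client itself presents, so the portal login remains the actual authentication step.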
