Hi, Since you are using macmatch module, I presume you already have the mac address of all if not most clients handled by your firewall box. So you could have add a host{} section to HDCP config matching mac addresses to ip addresses for your known clients. example: host fixed-ip-xx { hardware ethernet xx:xx:xx:xx:xx:xx; fixed-addresses xxx.xxx.xxx.xxx; } This way DHCP will assign specific address matching to their mac address. However if what you intend to is to add new clients automatically. . . . . . . (I wonder what for) . . . You'll need to do something else, DHCP as the name says does only dhcp. You could have add a dhcp group for unknown clients, give it a different subnet, and iptable all out going port 80 from that subnet to your apache box. Then on apache box, setup a page that will authenticate user based on whatever authentication you prefer, then simple scripting to add new rules to clients, and maybe update dhcpd.conf (not recommended). The above is a DHCP authentication I've used, quite complicated but it works. However if you're only looking to use DHCP and have all your client's mac addresses, dhcp host statement will work fine for you. Regards, Murf. On Fri, 2005-02-18 at 10:55 +0100, Christoph Mayer wrote: > Hi, > I want to manage access to the Internet > based on the MAC/IP-Address Combination of > my customers. > I accomplished this task with the MAC-IP matching > module from http://www.firerack.com/Members/admin/macmatch . > It works fine if all the customers have a fixed IP Address. > > But how can I do this when I want to assign IP-Addresses > with DHCP ?
Attachment:
signature.asc
Description: This is a digitally signed message part