Re: Blocking Selected IPs from network (mynetwork)

From: /dev/rob0 (no email)
Date: Mon Sep 04 2006 - 08:19:06 EDT

  • Next message: Jochem Meyers: "RE: Mail delivery failed notification for local email"

    On Monday 04 September 2006 04:24, Heinz Ulrich Stille wrote:
    > > mynetworks = !192.168.0.5, !192.168.0.73, 192.168.0.0/24
    >
    > What do you want to achive? Don't you trust those machines or users?
    > If so, what keeps them from using any other IP? If those hosts really
    > are local, you'd need at least something like MAC-based filtering.

    Um, it's trivial to spoof a MAC address. My laptop, for instance, uses
    the same MAC whether connected via wireless or Ethernet. My home server
    uses the MAC of an old 10Base-T card I haven't used in years on its
    external interface (so I keep the same IP with the ISP.)

    In many cases IP-based access is quite good enough, and in no cases is
    MAC-based access much better.

    -- 
        Offlist mail to this address is discarded unless
        "/dev/rob0" or "not-spam" is in Subject: header
    

  • Next message: Jochem Meyers: "RE: Mail delivery failed notification for local email"





    Hosted Email Solutions

    Invaluement Anti-Spam DNSBLs



    Powered By FreeBSD   Powered By FreeBSD