On Wed, 17 Nov 2004, steve szmidt wrote:
> On Wednesday 17 November 2004 02:47 pm, Mike Branda wrote:
> > I've been googling for a bit and was wondering if anybody knows if you
> > can use the /etc/hosts.allow & hosts.deny files by MAC address instead
> > of network/netmask? I need to deny ssh from everyone but specific
> > machines regardless of IP due to it being dynamic. I have it set up the
> > IP way now but if the address get's re-assigned outside the current
> > block I get screwed. I'd like to set it by the MAC of the originating
> > machine if possible.
> I don't think so. A quick man hosts.allow reveals that it will support domain
> names and ip addresses but not MAC addresses. However you can, using iptables
> or shorewall.
Aren't MAC addresses available only on the same ethernet segment? If so,
the iptables command may be there, but any results it gives are bogus.
-- -eben ebQenW1@EtaRmpTabYayU.rIr.OcoPm home.tampabay.rr.com/hactar AQUARIUS: There's travel in your future when your tongue freezes to the back of a speeding bus. Fill the void in your pathetic life by playing Whack-a-Mole 17 hours a day. -- Weird Al, _Your Horoscope for Today_----------------------------------------------------------------------- This list is provided as an unmoderated internet service by Networked Knowledge Systems (NKS). Views and opinions expressed in messages posted are those of the author and do not necessarily reflect the official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 17:35:10 EDT