An additional rule has been set up to block internet access for all IP addresses not fitting into DHCP's range (but on the same subnet). All MACs that should be active on my network have been recorded, and a rule is set up for both UP and DOWNLOAD for each MAC. Network hardware consists of three wireless APs, each with Ethernet ports (WDS implemented), and two switches; every piece of hardware is at a different location, making it hard to monitor who is plugging what into Ethernet ports. DHCP is set up (same comp which runs the gateway) and is giving addresses from a certain range. I have fewer than 15 hosts, which all go through my gateway for internet access (cable). I think that Zubair is having the problem which I tend to prevent from happening. Yes, that's what I mean, but how do you make such a rule?
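
The policy described in the post above, written out as an added example that is not part of the original post: a host is allowed only if its IP lies inside the DHCP range and its MAC is on the recorded list. The subnet, range, MAC values and neighbour-table entries are constructed for illustration, and the out-of-subnet check is an assumption beyond what the post states.

```python
import ipaddress

# Constructed sample policy (assumptions, not values from the post).
SUBNET = ipaddress.ip_network("192.168.1.0/24")
DHCP_FIRST = ipaddress.ip_address("192.168.1.100")
DHCP_LAST = ipaddress.ip_address("192.168.1.120")
ALLOWED_MACS = {"00:11:22:33:44:01", "00:11:22:33:44:02"}

# Constructed neighbour-table snapshot: (ip, mac) pairs seen by the gateway.
SAMPLE_NEIGHBOURS = [
    ("192.168.1.101", "00:11:22:33:44:01"),   # recorded MAC, leased address
    ("192.168.1.105", "00-11-22-33-44-02"),   # recorded MAC, dash notation
    ("192.168.1.50", "00:11:22:33:44:01"),    # recorded MAC, static IP outside range
    ("192.168.1.110", "de:ad:be:ef:00:01"),   # unrecorded MAC inside range
    ("10.0.0.5", "00:11:22:33:44:02"),        # address from another subnet
]

def normalise_mac(mac):
    """Lower-case, colon-separated form so different notations compare equal."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def classify(ip, mac):
    """Return the verdict the described policy gives for one host."""
    addr = ipaddress.ip_address(ip)
    if addr not in SUBNET:
        return "block: outside subnet"
    if not (DHCP_FIRST <= addr <= DHCP_LAST):
        return "block: outside DHCP range"
    if normalise_mac(mac) not in ALLOWED_MACS:
        return "block: unrecorded MAC"
    return "allow"

def audit(neighbours):
    """Classify every (ip, mac) pair; returns (ip, normalised mac, verdict)."""
    return [(ip, normalise_mac(mac), classify(ip, mac)) for ip, mac in neighbours]

if __name__ == "__main__":
    for ip, mac, verdict in audit(SAMPLE_NEIGHBOURS):
        print(f"{ip:15} {mac}  {verdict}")
```

A MAC address is whatever the client reports, so this check identifies recorded hardware but does not authenticate it.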