Date: Tue, 7 Sep 2004 23:12:46 +0200 From: Robert Klein <RoKlein@roklein.de> To: freebsd-ipfw@freebsd.org Subject: Re: simple mac address filter Message-ID: <200409072312.46887.RoKlein@roklein.de> In-Reply-To: <20040907210245.GA587@lucy.pool-70-17-33-17.pskn.east.verizon.net> References: <5213605.1094564962778.JavaMail.brisbanebsd@mac.com> <20040907210245.GA587@lucy.pool-70-17-33-17.pskn.east.verizon.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Dienstag, 7. September 2004 23:02, Skip Ford wrote: > brisbanebsd@mac.com wrote: > > I need to set up MAC filtering on a 5.2.1 Freebsd box. > > Have you enabled it by setting net.link.ether.ipfw to 1? > > > ipfw add allow ip from any to any mac any 00:0d:93:81:82:1e > > Your rule works fine here. > > # ipfw add 10 allow ip from any to any mac 00:50:bf:d3:5a:2f > any 00010 allow ip from any to any MAC 00:50:bf:d3:5a:2f any # > ipfw show 10 > 00010 0 0 allow ip from any to any MAC > 00:50:bf:d3:5a:2f any # sysctl net.link.ether.ipfw=1 > net.link.ether.ipfw: 0 -> 1 > # ipfw show 10 > 00010 351 514213 allow ip from any to any MAC > 00:50:bf:d3:5a:2f any umm... if I think this should not work.. except you have options IPFIREWALL_DEFAULT_TO_ACCEPT in your kernel config file. Could you please check and tell us? Regards, Robert
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200409072312.46887.RoKlein>