From: h bagade
Date: Sun, 5 Aug 2012 13:40:21 +0430
To: freebsd-net@freebsd.org
Subject: problem with mac option on ipfw rule

Hi all,

I have a problem with setting the mac option on an ipfw rule.
I want to drop all traffic but the traffic with source mac, for example, 11:22:33:44:55:66. I thought it would be possible using the not option to do the work, and I have a set of rules like this:

    ipfw -q add 500 set 6 skipto 501 from any to any { not mac any 11:22:33:44:55:66}
    ipfw -q add 501 set 6 drop altq test all from any to any
    ipfw -q add 500 set 6 allow all from any to any

I expect it to drop traffic whose src mac is not 11:22:33:44:55:66, but it doesn't work! I've checked it for traffic with and without src-mac: 11:22:33:44:55:66 and all was dropped! Could anyone tell me what's wrong with my understanding?