Date: Sun, 12 May 2013 12:42:16 -0400 From: Jason Hellenthal <jhellenthal@dataix.net> To: Nomad Esst <noname.esst@yahoo.com> Cc: "freebsd-pf@freebsd.org" <freebsd-pf@freebsd.org> Subject: Re: packet tagging Message-ID: <EB9CBAE7-E250-4D2D-9F86-D09A7D8CB283@DataIX.net> In-Reply-To: <1368255153.65555.YahooMailNeo@web162701.mail.bf1.yahoo.com> References: <1368097169.74234.YahooMailNeo@web162701.mail.bf1.yahoo.com> <878v3obakf.fsf@deeperthought.bsdly.net> <1368103486.77403.YahooMailNeo@web162706.mail.bf1.yahoo.com> <518BC6C2.5030702@stuxnet.org> <5D8FA439-4EA7-462F-B410-A815C1C78769@DataIX.net> <1368255153.65555.YahooMailNeo@web162701.mail.bf1.yahoo.com>
index | next in thread | previous in thread | raw e-mail
I'd say it would probably be a cheaper solution to just code the l2 filtering into pf but would be more of a benefit to you and everyone else to do it on HEAD if its not already there. I believe HEAD uses pf4.5. -- Jason Hellenthal IS&T Services Professional Inbox: jhellenthal@DataIX.net JJH48-ARIN On May 11, 2013, at 2:52, Nomad Esst <noname.esst@yahoo.com> wrote: > > As for 8-STABLE this functionality is not available. > > > I'm not tracking 9-* so someone else will have to answer for that. > > > But as far as L2 filtering on the bridge... > > > You will probably want ipfw instead as on 8-* were using pf4.3¿ which on FreeBSD is L3, & L4 filtering only. > > > If you are looking for a BSD solution for filtering only and your concern is mainly based on using pf, I will sadly say you should lean on OpenBSD unless something changes or you are willing > to use access lists on your switches. > > So bad!!! I'm thinking of developing some utility that do the MAC address filtering and then send them to PF, so PF can decide about them, whether to pass or drop them away. Do you have any ieads about that? > > > Now if your concern is mainly wireless the if_wlan interface is capable of its own l2 filtering but nothing like pf. > > > Good luck & best packeting, > > > -- > > Jason Hellenthal > > IS&T Services Professional > > Inbox: jhellenthal@DataIX.net > > JJH48-ARIN >help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?EB9CBAE7-E250-4D2D-9F86-D09A7D8CB283>