Date: Thu, 1 Aug 2002 09:51:15 -0700 (PDT) From: Julian Elischer <julian@elischer.org> To: Anthony Volodkin <anthonyv@brainlink.com> Cc: net@freebsd.org Subject: Re: Filtering of PPPoE packets with ipfw Message-ID: <Pine.BSF.4.21.0208010948390.34540-100000@InterJet.elischer.org> In-Reply-To: <3D48A691.9090901@brainlink.com>
next in thread | previous in thread | raw e-mail | index | archive | help
there is a netgraph node called etf in -current (ether-type filter) it could be used to filter out non-pppoe packets with a little work however you should be able to do it with ipfw by dropping all packets that have come from the wireless card directly. e.g deny ip from any to any in recv an0 (or wi0 if that's what you are using) On Wed, 31 Jul 2002, Anthony Volodkin wrote: > Hi, > > Today, I've setup a machine that allows wireless clients to initiate > PPPoE sessions with it and thus access the internet or the other network > connected to that machine. However, if wireless clients do not use > PPPoE and manually set their IP address/netmask/gateway, they will still > be allowed to access the resources. Is there a way, using ipfw to allow > only the encapsulated PPPoE packets through an interface? I can > definetly tell the difference when looking at them with tcpdump. > > On another note, how do I compile ppp with DES support? The man page > says that this is necessary for it to work with MS-CHAP v2. I cant > figure out how to do that. > > My setup involves, pppoe and ppp. In the future i might investigate > doing this with mpd as well. > > Regards, > Anthony Volodkin > http://non-standard.net/ > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0208010948390.34540-100000>