From owner-freebsd-net Sun May 9 23:32:54 1999 Delivered-To: freebsd-net@freebsd.org Received: from labinfo.iet.unipi.it (labinfo.iet.unipi.it [131.114.9.5]) by hub.freebsd.org (Postfix) with SMTP id 9491B155B9 for ; Sun, 9 May 1999 23:32:50 -0700 (PDT) (envelope-from luigi@labinfo.iet.unipi.it) Received: from localhost (luigi@localhost) by labinfo.iet.unipi.it (8.6.5/8.6.5) id GAA12226; Mon, 10 May 1999 06:24:22 +0200 From: Luigi Rizzo Message-Id: <199905100424.GAA12226@labinfo.iet.unipi.it> Subject: ipfw misc... To: net@freebsd.org Date: Mon, 10 May 1999 06:24:22 +0200 (MET DST) X-Mailer: ELM [version 2.4 PL23] Content-Type: text Content-Length: 1384 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, i have been implementing some additional rules for ipfw to match ethernet header fields. For my purposes, that would mainly be used to block non-ip-related traffic (ie IP and ARP), but it might have some uses for those trying to limit traffic basing on the MAC address, or whatever. Is there any interest for bringing that into the main source tree ? Syntax would be something like ipfw add ether from 12.34.56.78.90 to ... ipfw add ether from type 0x800 to ... etc. On passing, i don't totally like the ipfw approach of deleting the packet in case of a deny rule. For bridging at least, this means we need to make an additional copy just for ipfw purposes (bridged packets may have multiple destinations). If there are no objections, i will move the deletion of the packet outside the ipfw_chk function, so that modules using the code can reuse the packet if they need to. cheers luigi -----------------------------------+------------------------------------- Luigi RIZZO, luigi@iet.unipi.it . Dip. di Ing. dell'Informazione http://www.iet.unipi.it/~luigi/ . Universita` di Pisa TEL/FAX: +39-050-568.533/522 . via Diotisalvi 2, 56126 PISA (Italy) http://www.iet.unipi.it/~luigi/ngc99/ ==== First International Workshop on Networked Group Communication ==== -----------------------------------+------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message