Date: Tue, 29 Aug 2000 00:37:45 -0400 (EDT) From: Robert Watson <rwatson@freebsd.org> To: Jaye Mathisen <mrcpu@internetcds.com> Cc: hackers@freebsd.org Subject: Re: Anyway to ipfw filter based on MAC address? Message-ID: <Pine.NEB.3.96L.1000829003608.92823A-100000@fledge.watson.org> In-Reply-To: <Pine.BSF.4.21.0008281803170.4933-100000@schizo.cdsnet.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 28 Aug 2000, Jaye Mathisen wrote: > I would love to be able to filter ipfw traffic based on more than just > IP. > > Anybody done anything like this? The OpenBSD bridge filtering code can do this, allowing you to map MAC addresses to specific interfaces, and prevent spoofing, among other things. There's been some talk of restructuring (possibly rewriting) the bridge/filtering code in FreeBSD, and Archie Cobbs has suggested that NetGraph would be a good way to do this. Arbitrary packet filtering would be fairly possible in such an environment, but we don't currently have an implementation that does that. Hopefully in a few months, we'll be able to claim otherwise. Sorry about that! Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1000829003608.92823A-100000>