Date: Thu, 30 Aug 2007 15:08:58 +0100 From: Paul Bridger <paul@wilorc.co.uk> To: freebsd-ipfw@freebsd.org Subject: ipfw2 deep packet filtering Message-ID: <46D6CF7A.9080502@wilorc.co.uk>
next in thread | raw e-mail | index | archive | help
Hi I'm trying to solve a problem with ipfw2, so would be grateful for help from anyone on the list with moving things forward. I would like to understand if it's possible to discover the real MAC address of a packet that has been NAT'd by another device. The scenario for using this would be for hosts on a wireless LAN that connect to a wireles router which NAT's their connection and then routes the packets to another LAN (across a wire) where a FreeBSD server performs firewall packet filtering via ipfw2. As all the connections from the hosts on the wireless LAN have had their MAC and IP addresses NAT'd to that of the wireless router, it is difficult to distinguish between hosts, unless some form of deep packet inspection could be performed to discover the true MAC address. Is this something that would be possible with ipfw2? Thank you. -Paul
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?46D6CF7A.9080502>