Date: Fri, 11 Jul 2003 21:26:24 +0100 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: "Dan Mahoney, System Admin" <danm@prime.gushi.org> Cc: questions@freebsd.org Subject: Re: ipfw and MAC Addresses Message-ID: <20030711202624.GA56646@happy-idiot-talk.infracaninophile.co.uk> In-Reply-To: <20030711160555.J21658-100000@prime.gushi.org> References: <20030711160555.J21658-100000@prime.gushi.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--J/dobhs11T7y2rNN
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Fri, Jul 11, 2003 at 04:15:09PM -0400, Dan Mahoney, System Admin wrote:
> I'm running 4.7-Release, and I have compiled the firewall into the kernel
> but I can't seem to figure out the syntax for mac address based firewalls
> .
>=20
> I'm trying:
>=20
> box#ipfw add 50000 allow ip from any to any in mac any any
> ipfw: unknown argument ``mac''
>=20
> If there's some secret to getting this to work, let me know, as right now
> I would really like a way to restrict ip traffic by source mac.
MAC is an IPFW2 extension. All FreeBSD 4.x versions compile IPFW1 by
default, although from 4.7-RELEASE on, you can optionally select to
use IPFW2. IPFW2 is the default in FreeBSD 5.x.
You need to add:
IPFW2=3Dtrue
to your /etc/make.conf, and
options IPFW2
to your kernel config, and rebuild, reinstall world+kernel in the
usual fashion.
Cheers,
Matthew=09
--=20
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
--J/dobhs11T7y2rNN
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (FreeBSD)
iD8DBQE/Dx1wdtESqEQa7a0RAjk8AJ9gonjckYN1KZPm0TbznZ3hhxIhbgCglavf
IWVpLDITuYNdSPrljztyT5Q=
=4Hwt
-----END PGP SIGNATURE-----
--J/dobhs11T7y2rNN--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030711202624.GA56646>