Date: Fri, 17 Dec 2004 15:26:58 -0800 From: Jon Simola <jsimola@gmail.com> To: freebsd-ipfw@freebsd.org Subject: Using tables for MAC addresses in ipfw2 Message-ID: <8eea040804121715267807440d@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
I do a lot of filtering based on MAC addresses for our DSL network, and the table support in IPFW is close to what I'm looking for. I've taken a quick glimpse through the code (I'm familiar with the ipfw code pre ipfw2) and I don't see any major hangups to implementing a similar table support for MAC addresses. What the situation is is that we are a DSL reseller for the regional telco. All of our customers have their connections bridged over the ATM network and appear on a fast ethernet port on a Cisco 5505. That is the only place we gain access (The ATM and Cisco are telco owned). I have my FreeBSD 5.2.1 router plugged into that port and working fine, but at any time I have 50 or so rules specifically blocking MAC addresses of customers who haven't paid or have viral activity. Does adding MAC tables sound like a logical course of action? Can anyone suggest a different idea, possibly better overall?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8eea040804121715267807440d>