Date: Fri, 1 Apr 2016 06:26:34 -0400
From: Carmel
To: freebsd-questions@freebsd.org
Subject: IPFW Firewall Rule
Organization: Seibercom NET

I have two laptops that I use when I travel. I need them to have access to my LDAP server.
I tried configuring this in my IPFW firewall rules, but they fail:

#!/bin/sh
cmd="ipfw -q add"
pif="em0"

## Lots of rules - truncated

$cmd allow log tcp from any MAC "0C:54:A5:04:BA:DD" to me 389 in via $pif setup keep-state
$cmd allow log tcp from any MAC "00:1A:A0:89:CA:EA" to me 389 in via $pif setup keep-state

This is the error message repeated twice:

ipfw: missing ``to''

If I substitute an IP address and remove the 'any MAC "address"', it works fine. I got this example from a web search. Can anyone tell me what I am doing wrong?

--
Carmel