From owner-freebsd-questions@FreeBSD.ORG  Tue May  3 09:20:28 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3EE0C16A4CF
	for <freebsd-questions@freebsd.org>;
	Tue,  3 May 2005 09:20:28 +0000 (GMT)
Received: from szamoca.krvarr.bc.ca (szamoca.krvarr.bc.ca [142.179.111.232])
	by mx1.FreeBSD.org (Postfix) with ESMTP id A4EDF43D5C
	for <freebsd-questions@freebsd.org>;
	Tue,  3 May 2005 09:20:25 +0000 (GMT)
	(envelope-from sandy@krvarr.bc.ca)
Received: from szamoca.krvarr.bc.ca (localhost [127.0.0.1])
	by szamoca.krvarr.bc.ca (8.13.1/8.12.11) with ESMTP id j439K7pG029526;
	Tue, 3 May 2005 02:20:07 -0700 (PDT)
	(envelope-from sandy@szamoca.krvarr.bc.ca)
Received: (from sandy@localhost)
	by szamoca.krvarr.bc.ca (8.13.1/8.12.11/Submit) id j439K548029523;
	Tue, 3 May 2005 02:20:05 -0700 (PDT)
	(envelope-from sandy)
From: Sandy Rutherford <sandy@krvarr.bc.ca>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <17015.16965.161664.895667@szamoca.krvarr.bc.ca>
Date: Tue, 3 May 2005 02:20:05 -0700
To: John Pettitt <jpp@cloudview.com>
In-Reply-To: <4276EF4B.8000305@cloudview.com>
References: <20050503031357.69849.qmail@web51108.mail.yahoo.com>
	<4276EF4B.8000305@cloudview.com>
X-Mailer: VM 7.07 under Emacs 21.3.1
X-krvarr.bc.ca-MailScanner-Information: Please contact postmaster@krvarr.bc.ca
	for more information.
X-krvarr.bc.ca-MailScanner: Not scanned: please contact
	postmaster@krvarr.bc.ca for details.
X-krvarr.bc.ca-MailScanner-From: sandy@szamoca.krvarr.bc.ca
cc: faisal gillani <fasi_74@yahoo.com>
cc: FreeBSD <freebsd-questions@freebsd.org>
Subject: Re: blocking MAC address with ipfw ?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 03 May 2005 09:20:28 -0000

>>>>> On Mon, 02 May 2005 20:26:03 -0700, 
>>>>> John Pettitt <jpp@cloudview.com> said:

 > faisal gillani wrote:
 >> faisal gillani wrote:
 >> 
 >> how can i block a MAC address with ipfw ?
 >> can you share the syntax please ?
 >> 
 >> 
 >> thanks
 >> 
 > man ipfw reveals ...

 >             { MAC | mac } dst-mac src-mac
 >              Match packets with a given dst-mac and src-mac addresses,
 > speci-
 > ...

You also need to make sure that the sysctl variable
net.link.ether.ipfw is set to 1 to enable layer 2 checks.

Sandy