Date: Tue, 24 Jun 2008 14:08:07 -0500 From: sfourman@gmail.com To: "Chuck Swiger" <cswiger@mac.com> Cc: Yavuz Maslak <maslak@ihlas.net.tr>, freebsd-questions@freebsd.org Subject: Re: how to reject all mac addresses except some mac addresses using ipfw? Message-ID: <11167f520806241208v2f69e936lf9e61a7f74c6be85@mail.gmail.com> In-Reply-To: <E866FCED-6BE9-4B3A-9790-7D0580612773@mac.com> References: <3d0101c8d61f$65630ea0$dc96eed5@ihlasnetym> <E866FCED-6BE9-4B3A-9790-7D0580612773@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
would you have a working example on how to deny traffic from a mac address if it is not using a allowed ip address.. I would like to use pf On 6/24/08, Chuck Swiger <cswiger@mac.com> wrote: > On Jun 24, 2008, at 10:26 AM, Yavuz Maslak wrote: >> 1- I want to fix an ip address for each mac address. But some pc and >> servers have more than an ip address. How can I map multiple ip >> addresses for a mac address? > > Most people use ifconfig, perhaps indirectly via /etc/rc.conf. > >> 2- I want to allow these fixed mac addresses using ipfw. After that >> I want to deny all mac address via the server's local ethernet >> card. How can I do these cases? > > Few choose to go that route, but you can disable ARP and set up /etc/ > ethers, or you could even fire up your favorite firewall (IPFW, PF, > whatever), and add allow rules for the permitted MAC addresses, and > deny all others. > > -- > -Chuck > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?11167f520806241208v2f69e936lf9e61a7f74c6be85>