From owner-freebsd-security Mon May 22 18:41: 6 2000 Delivered-To: freebsd-security@freebsd.org Received: from nsm.htp.org (nsm.htp.org [202.241.243.104]) by hub.freebsd.org (Postfix) with SMTP id A502337BB22 for ; Mon, 22 May 2000 18:41:00 -0700 (PDT) (envelope-from sen_ml@eccosys.com) Received: (qmail 29341 invoked from network); 23 May 2000 01:37:03 -0000 Received: from localhost (127.0.0.1) by localhost with SMTP; 23 May 2000 01:37:03 -0000 To: freebsd-security@freebsd.org Subject: Re: Firewall Rules From: sen_ml@eccosys.com In-Reply-To: <20000522110814.A5867@toaster.sun4c.net> References: <20000522110814.A5867@toaster.sun4c.net> X-Mailer: Mew version 1.94.1 on Emacs 20.6 / Mule 4.0 (HANANOEN) X-No-Archive: Yes Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-Id: <20000523104053L.1001@eccosys.com> Date: Tue, 23 May 2000 10:40:53 +0900 X-Dispatcher: imput version 20000228(IM140) Lines: 18 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org From: Andre Gironda Subject: Re: Firewall Rules Date: Mon, 22 May 2000 11:08:14 -0700 Message-ID: <20000522110814.A5867@toaster.sun4c.net> > If possible, you should try to segment off those users, because I don't > think there is a way with IPF or IPFW (or any firewall that I can think > of) to block MAC addresses specifically. a bit off-topic remark... not a bsd option, but iptables for linux has a module for filtering by mac address. if interested, have a look at the "other match extensions" section of: http://netfilter.kernelnotes.org/iptables-HOWTO-7.html back to our regularly scheduled program ;-) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message