Date: Tue, 19 Sep 2000 03:39:32 -0700 From: Julian Elischer <julian@elischer.org> To: Archie Cobbs <archie@whistle.com> Cc: Ben Schumacher <ben@henshaw.net>, freebsd-net@FreeBSD.ORG Subject: Re: netgraph based MAC authentication Message-ID: <39C74264.FF6D5DF@elischer.org> References: <200009190426.VAA01480@bubba.whistle.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Archie Cobbs wrote: > > Ben Schumacher writes: > > I'm working on a project where I need to be able to authenticate people by > > their MAC address against a RADIUS server. While looking into the best way > > to develop this, I starting toying around with netgraph and think it is the > > perfect framework for what I'm trying to do. Basically what I'm going to > > need to do (AFAIK) is divert the packets coming from one ethernet card > > (dc0) to my netgraph node, verify their MAC address, and then push their > > packet on its way. However, I'm still not entirely certain how to > > implement this. > > You might be able to do this without writing your own node. > Just use ng_bpf(4) and maintain the BPF program to match the > MAC addresses you want to accept. I haven't yet been able to work out how to set rules into it.... ( I guess you need to get the compiled bpf program from tcpdump and somehow load it into the node, but I don't see a way of doing that yet) > > -Archie > > ___________________________________________________________________________ > Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message -- __--_|\ Julian Elischer / \ julian@elischer.org ( OZ ) World tour 2000 ---> X_.---._/ presently in: Perth v To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?39C74264.FF6D5DF>