From owner-freebsd-hackers Sat Jun 29 10: 2:53 2002 Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CABFD37B400 for ; Sat, 29 Jun 2002 10:02:51 -0700 (PDT) Received: from mail.npubs.com (npubs.com [207.111.208.224]) by mx1.FreeBSD.org (Postfix) with ESMTP id 65DDB43E13 for ; Sat, 29 Jun 2002 10:02:51 -0700 (PDT) (envelope-from nielsen@memberwebs.com) Received: 8.12.2-(Neptune) From: "Nielsen" To: "Terry Lambert" , "Ken Ebling" Cc: References: <000801c21f1c$029cefe0$0201a8c0@Ken> <3D1D4EB3.9410011@mindspring.com> Subject: Re: ipfw/dummynet suggestion MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Message-Id: <20020629170251.65DDB43E13@mx1.FreeBSD.org> Date: Sat, 29 Jun 2002 10:02:51 -0700 (PDT) Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Usually remote MAC address. It's used for restricting users on a subnet. I have an ugly hack that does this at present and am looking forward to the MAC address support. Yes, I know users can conceivably change their MAC addresses but most would never know how. They change their IP addresses to get around security restrictions all the time. Nate > Ken Ebling wrote: > > > > Part 1.1 Type: Plain Text (text/plain) > > Encoding: quoted-printable > > | I know this isn't performed at the ip level, but I think a useful = > | addition to ipfw would be to allow filtering by mac addresses. I think = > | a lot of people would find it useful, and a lot of linux users I try and = > | ``convert'' to FreeBSD say they require this feature too. > > Local or remote MAC addresses? > > The remote MAC address is always going to be a peer on the local > wire; usually, this is your router. > > The local MAC address is a 1:N correspondance with IP addresses, > so you can always do whatever you were planning on doing there > using the local IP addresses that are associated with the MAC > in question. > > What is it you are trying to do that is apparently not very > obvious? > > -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message