From owner-freebsd-ipfw@FreeBSD.ORG Sat Jun 19 14:26:39 2004 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9F79116A4CE for ; Sat, 19 Jun 2004 14:26:39 +0000 (GMT) Received: from sccrmhc12.comcast.net (sccrmhc12.comcast.net [204.127.202.56]) by mx1.FreeBSD.org (Postfix) with ESMTP id 670F443D2F for ; Sat, 19 Jun 2004 14:26:39 +0000 (GMT) (envelope-from matt@atopia.net) Received: from [192.168.1.100] (pcp02025587pcs.plsntv01.nj.comcast.net[68.44.29.50]) by comcast.net (sccrmhc12) with ESMTP id <2004061914252301200hojvne>; Sat, 19 Jun 2004 14:25:23 +0000 Message-ID: <40D44E3D.5020805@atopia.net> Date: Sat, 19 Jun 2004 10:31:25 -0400 From: Matt Juszczak User-Agent: Mozilla Thunderbird 0.6 (X11/20040526) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-ipfw@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: IPFW questions: mac filtering X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Jun 2004 14:26:39 -0000 Hello everyone, I originally posted the following message to -questions last night and got a lot of replies: ----------------------------------------- Is there a way to do IP redirection without using layer 3? (IPNAT or routing)? I have a bridge setup and want to redirect any port 80 traffic outgoing through the bridge to a specific server .... but it seems I can only do this with ipfw's forward/fwd or ipnat's rdr commands ... which are all layer 3 oriented and dont work with just a bridge... ----------------------------------------- What I basically wanted to know was whether I could just use a bridge on my FreeBSD box, but still use ipfw or ipnat's forward/rdr options. Looks like the answer is no... seems i actually have to do routing or NAT to get this working ...... So i had another idea, which has sparked another quesiton. Even as a bridge, can ipfw still filter by source mac address (as long as the bridge is on the same subnet, since layer 2 addresses aren't passed very far)......if so, is there a document i can read on how I could filter by mac addresses? Thanks again for everyone's continuing help. And if anyone has any ideas about my quoted question above that I asked to -questions last night, please let me know. For now I'm just assuming its a lost cause. -Matt