From owner-freebsd-questions Mon Jan 22 13:19:16 2001 Delivered-To: freebsd-questions@freebsd.org Received: from ra.upan.org (upan.org [204.107.76.19]) by hub.freebsd.org (Postfix) with ESMTP id 4A86837B698 for ; Mon, 22 Jan 2001 13:18:56 -0800 (PST) Received: from ocsinternet.com (localhost.upan.org [127.0.0.1]) by ra.upan.org (8.11.1/8.11.1) with ESMTP id f0MGIjn59366; Mon, 22 Jan 2001 16:18:45 GMT (envelope-from mikel@ocsinternet.com) Message-ID: <3A6C5D65.72FAE424@ocsinternet.com> Date: Mon, 22 Jan 2001 16:18:45 +0000 From: Mikel King <"mikel"@ocsinternet.com> Organization: OCS Internet X-Mailer: Mozilla 4.76 [en] (X11; U; FreeBSD 4.2-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: MuratBSD Cc: "Dan Mahoney, System Admin" , questions@FreeBSD.ORG Subject: Re: IPFW Capabilities References: <001601c084b6$2f6d9940$8e8b2bd5@gnu> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Actually there is ethfw available. Here's the link: http://spe.kakito.com/ Cheers, Mikel MuratBSD wrote: > Hi > > Basically, IP is layer3 and MAC is layer 2 so I think there is no way out > about MAC adress filtering, > > ----- Original Message ----- > From: "Dan Mahoney, System Admin" > To: > Sent: Monday, January 22, 2001 4:48 PM > Subject: IPFW Capabilities > > > Hey all, > > > > I'm currently evaluating the feasibility of using a pure FreeBSD based > > solution versus ETInc's bandwidth manager, which I am considering > > purchasing. Can someone tell me if the following are possible: > > > > 1. Is there a way to make ipfw deny traffic by MAC address? (We have > > colocation customers, and are trying to prevent "stolen" IP addresses.) > > > > 2. Is there any way to set up a dual-NIC freeBSD box as a COMPLETELY > > TRANSPARENT bridge (meaning our customers will not have to change their > > gateway address, and meaning that the machine doing the bandwidth > > management/limiting/throttling will not show up on traceroutes? (I prefer > > this because it makes migration easier, and it also makes things more > > secure (as in, nobody will attack a router that doesn't show up on > > traceroutes). > > > > 3. Is there any way to graph the information shown by ipfw? Like MRTG? > > > > I think that's all. > > > > Thanks in advance, > > > > Dan Mahoney > > > > -- > > > > "There is no right and wrong, there is only fun and boring." > > > > -Fisher Stevens, "Hackers" > > > > --------Dan Mahoney-------- > > Techie, Sysadmin, WebGeek > > Gushi on efnet/undernet IRC > > ICQ: 13735144 AIM: LarpGM > > Web: http://prime.gushi.org > > finger danm@prime.gushi.org > > for pgp public key and tel# > > --------------------------- > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body of the message > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message