From owner-freebsd-questions@FreeBSD.ORG  Sun Jun 10 13:34:21 2012
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id C39B5106566C
	for <freebsd-questions@freebsd.org>;
	Sun, 10 Jun 2012 13:34:21 +0000 (UTC) (envelope-from jhs@berklix.com)
Received: from tower.berklix.org (tower.berklix.org [83.236.223.114])
	by mx1.freebsd.org (Postfix) with ESMTP id 5051D8FC18
	for <freebsd-questions@freebsd.org>;
	Sun, 10 Jun 2012 13:34:21 +0000 (UTC)
Received: from mart.js.berklix.net (pD9FBE69B.dip.t-dialin.net
	[217.251.230.155]) (authenticated bits=0)
	by tower.berklix.org (8.14.2/8.14.2) with ESMTP id q5ADYJdi013555;
	Sun, 10 Jun 2012 13:34:20 GMT (envelope-from jhs@berklix.com)
Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41])
	by mart.js.berklix.net (8.14.3/8.14.3) with ESMTP id q5ADY5uT030859;
	Sun, 10 Jun 2012 15:34:06 +0200 (CEST)
	(envelope-from jhs@berklix.com)
Received: from fire.js.berklix.net (localhost [127.0.0.1])
	by fire.js.berklix.net (8.14.4/8.14.4) with ESMTP id q5ADXsS5018279;
	Sun, 10 Jun 2012 15:34:00 +0200 (CEST)
	(envelope-from jhs@fire.js.berklix.net)
Message-Id: <201206101334.q5ADXsS5018279@fire.js.berklix.net>
To: Bill Yuan <bycn82@gmail.com>
From: "Julian H. Stacey" <jhs@berklix.com>
Organization: http://berklix.com BSD Unix Linux Consultancy, Munich Germany
User-agent: EXMH on FreeBSD http://berklix.com/free/
X-URL: http://www.berklix.com
In-reply-to: Your message "Sun, 10 Jun 2012 21:09:01 +0800."
	<CAC+JH2ySQVCSXY+3Grh+Qe=Li3WzSYu8CzQ3sA1w3AZGPjptnQ@mail.gmail.com> 
Date: Sun, 10 Jun 2012 15:33:54 +0200
Sender: jhs@berklix.com
Cc: FreeBSD Questions <freebsd-questions@freebsd.org>
Subject: Re: how to allow by MAC 
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 10 Jun 2012 13:34:21 -0000

Hi,
Reference:
> From:		Bill Yuan <bycn82@gmail.com> 
> Date:		Sun, 10 Jun 2012 21:09:01 +0800 
> Message-id:	<CAC+JH2ySQVCSXY+3Grh+Qe=Li3WzSYu8CzQ3sA1w3AZGPjptnQ@mail.gmail.com> 

Bill Yuan wrote:
> come on , someone help please,
> 
> 
> 
> On Sun, Jun 10, 2012 at 5:43 PM, Bill Yuan <bycn82@gmail.com> wrote:
> 
> > Hi,
> >
> > how to allow by MAC in ipfw
> >
> > currently i set the rule like below
> >
> > 1  allow ip from any to any MAC any to <MAC Address 1>
> > 1  allow ip from any to any MAC <MAC Address 1> any
> > 2 deny all from any to any
> >
> > i want to only allow the mac address to go through the freebsd firewall,
> >
> > but I found it is not working on my freebsd but it works on pfsense!
> >
> > so maybe that means the environment is not the same ? and how to setup the
> > ipfw properly to support this ?

Maybe others ignored it for the same reason I did: blocking by MAC
number seems weird & of no interest, I block & pass by IP net number.

Cheers,
Julian
-- 
Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com
 Reply below not above, cumulative like a play script, & indent with "> ".
 Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable.
	Mail from @yahoo dumped @berklix.  http://berklix.org/yahoo/