Date: 19 Apr 2003 10:07:07 +0200 From: "clemens fischer" <ino-qc@spotteswoode.de.eu.org> To: freebsd-ipfw@freebsd.org Subject: Re: [Q-4.8-R] Can Anyone Help With Questions About MAC Filtering and IPFW2 ? Message-ID: <wuhqud04.fsf@ID-23066.news.dfncis.de> In-Reply-To: <Sea2-DAV53hsKd6QR7j00000b77@hotmail.com> (The Jetman's message of "Fri, 18 Apr 2003 17:47:50 -0400") References: <Sea2-DAV53hsKd6QR7j00000b77@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
"The Jetman" <jetman516@hotmail.com>: > I'm using 4.8-RELEASE to implement MAC-filtering bridge for my > wireless network. Altho I am relatively new w/ FBSD (since Apr '02), > I've been getting the desired results writing my own rules for IPFW. My > 1st attempt w/ IPFW2 was successful, but I can't figure out why ! please (i) check the packet flow picture in the man page, (ii) post your rules with variables substituted, (iii) post the original rules from "a guy showed his 1st effort" and (iv) your working ipfw1 rules, unless this gets to be several hundred lines, of course. also, there's no information on the structure of your network. "The recv interface can be tested on either incoming or outgoing packets, while the xmit interface can only be tested on outgoing packets. So out is required (and in is invalid) whenever xmit is used. A packet may not have a receive or transmit interface: packets originating from the local host have no receive interface, while packets destined for the local host have no transmit interface." > (3) ${fwcmd} add allow ${ipanyany} (3) is dangerous if you don't understand the matching! there's no anti-spoofing. clemens
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?wuhqud04.fsf>