From owner-freebsd-hackers  Mon Aug 28 19:12:48 2000
Delivered-To: freebsd-hackers@freebsd.org
Received: from bluerose.windmoon.nu (c255152-a.plstn1.sfba.home.com [24.176.132.48])
	by hub.freebsd.org (Postfix) with ESMTP id 516DA37B43C
	for <hackers@FreeBSD.ORG>; Mon, 28 Aug 2000 19:12:45 -0700 (PDT)
Received: from localhost (fengyue@localhost)
	by bluerose.windmoon.nu (8.10.2/Windmoon/8.10.2) with ESMTP id e7T2BEr15012;
	Mon, 28 Aug 2000 19:11:14 -0700 (PDT)
Date: Mon, 28 Aug 2000 19:11:14 -0700 (PDT)
From: FengYue <fengyue@bluerose.windmoon.nu>
To: Jaye Mathisen <mrcpu@internetcds.com>
Cc: Simon <simon@optinet.com>,
	"hackers@FreeBSD.ORG" <hackers@FreeBSD.ORG>
Subject: Re: Anyway to ipfw filter based on MAC address?
In-Reply-To: <Pine.BSF.4.21.0008281901000.4933-100000@schizo.cdsnet.net>
Message-ID: <Pine.BSF.4.10.10008281908480.14986-100000@bluerose.windmoon.nu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


Also, be able to filter packets based on TTL and SYN Seq value
would be useful in some cases too -- quiet a few SYN flood programs had
those values hard coded and script kids don't change them.

On Mon, 28 Aug 2000, Jaye Mathisen wrote:

> 
> Just exactly what I said in the Subject.  I want to filter on the ethernet
> MAC address.
> 
> My firewall works fine filtering on IP, now I want to make sure no new
> nodes come up.  I guess I could play some games with arp, but just
> blocking MAC addresses would suffice.
> 
> On Mon, 28 Aug 2000, Simon wrote:
> 
> > What else do you want to filter by? did you read man ipfw? it should tell you all about it. you can filter by uid, type of 
> > packets, source, origin, etc..
> > 
> > -Simon
> > 
> > On Mon, 28 Aug 2000 18:03:58 -0700 (PDT), Jaye Mathisen wrote:
> > 
> > >
> > >
> > >I would love to be able to filter ipfw traffic based on more than just
> > >IP. 
> > >
> > >Anybody done anything like this?
> > >
> > >
> > >
> > >To Unsubscribe: send mail to majordomo@FreeBSD.org
> > >with "unsubscribe freebsd-hackers" in the body of the message
> > >
> > 
> > 
> > 
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-hackers" in the body of the message
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message