Date: Thu, 30 Aug 2007 15:56:57 -0500 From: Chris Bowman <daiyon.fbsd@gmail.com> To: paul@wilorc.co.uk Cc: freebsd-ipfw@freebsd.org Subject: Re: ipfw2 deep packet filtering Message-ID: <46D72F19.10006@gmail.com> In-Reply-To: <46D6CF7A.9080502@wilorc.co.uk> References: <46D6CF7A.9080502@wilorc.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
Quick answer would be, not in that scenario. All frames from your NAT router to your FreeBSD machine are only going to have the SRC MAC of the NAT router itself, and the DST MAC of the FreeBSD machine if it's directly connected. You might be able to identify the hosts to a degree that are behind the router by using some type of passive OS identification. The easiest way to get what you want would be to replace the wireless NAT router with an access point which will allow you to bridge your wireless hosts directly to your wired network, and finally to your FreeBSD machine, use FreeBSD to do your NAT. Chris Bowman Paul Bridger wrote: > Hi > > I'm trying to solve a problem with ipfw2, so would be grateful for > help from anyone on the list with moving things forward. > > I would like to understand if it's possible to discover the real MAC > address of a packet that has been NAT'd by another device. The > scenario for using this would be for hosts on a wireless LAN that > connect to a wireles router which NAT's their connection and then > routes the packets to another LAN (across a wire) where a FreeBSD > server performs firewall packet filtering via ipfw2. As all the > connections from the hosts on the wireless LAN have had their MAC and > IP addresses NAT'd to that of the wireless router, it is difficult to > distinguish between hosts, unless some form of deep packet inspection > could be performed to discover the true MAC address. Is this > something that would be possible with ipfw2? > > Thank you. > > -Paul > _______________________________________________ > freebsd-ipfw@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?46D72F19.10006>