From owner-freebsd-questions Mon Jan 22 6:45:10 2001 Delivered-To: freebsd-questions@freebsd.org Received: from prime.gushi.org (prime.gushi.org [208.23.118.172]) by hub.freebsd.org (Postfix) with ESMTP id 79B5637B699 for ; Mon, 22 Jan 2001 06:44:52 -0800 (PST) Received: from localhost (danm@localhost) by prime.gushi.org (8.9.3/8.9.3) with ESMTP id JAA97739 for ; Mon, 22 Jan 2001 09:48:37 -0500 (EST) (envelope-from danm@prime.gushi.org) Date: Mon, 22 Jan 2001 09:48:36 -0500 (EST) From: "Dan Mahoney, System Admin" X-Sender: danm@prime.gushi.org To: questions@freebsd.org Subject: IPFW Capabilities Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hey all, I'm currently evaluating the feasibility of using a pure FreeBSD based solution versus ETInc's bandwidth manager, which I am considering purchasing. Can someone tell me if the following are possible: 1. Is there a way to make ipfw deny traffic by MAC address? (We have colocation customers, and are trying to prevent "stolen" IP addresses.) 2. Is there any way to set up a dual-NIC freeBSD box as a COMPLETELY TRANSPARENT bridge (meaning our customers will not have to change their gateway address, and meaning that the machine doing the bandwidth management/limiting/throttling will not show up on traceroutes? (I prefer this because it makes migration easier, and it also makes things more secure (as in, nobody will attack a router that doesn't show up on traceroutes). 3. Is there any way to graph the information shown by ipfw? Like MRTG? I think that's all. Thanks in advance, Dan Mahoney -- "There is no right and wrong, there is only fun and boring." -Fisher Stevens, "Hackers" --------Dan Mahoney-------- Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Web: http://prime.gushi.org finger danm@prime.gushi.org for pgp public key and tel# --------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message