From owner-freebsd-ipfw@FreeBSD.ORG  Fri Jul 23 21:21:13 2004
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A62A916A4CE
	for <freebsd-ipfw@freebsd.org>; Fri, 23 Jul 2004 21:21:13 +0000 (GMT)
Received: from ctb-mesg6.saix.net (ctb-mesg6.saix.net [196.25.240.78])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 08F3543D1D
	for <freebsd-ipfw@freebsd.org>; Fri, 23 Jul 2004 21:21:13 +0000 (GMT)
	(envelope-from savage@savage.za.org)
Received: from netsphere.varynet.co.za (wblv-229-49.telkomadsl.co.za
	[165.165.229.49])
	by ctb-mesg6.saix.net (Postfix) with ESMTP id CA57CFED1
	for <freebsd-ipfw@freebsd.org>;
	Fri, 23 Jul 2004 23:21:06 +0200 (SAST)
Received: from netphobia.varynet.co.za ([192.168.1.10] helo=netphobia)
	by netsphere.varynet.co.za with smtp (Exim 4.34 (FreeBSD))
	id 1Bo7TQ-0009L9-qn
	for freebsd-ipfw@freebsd.org; Fri, 23 Jul 2004 23:21:01 +0200
Message-ID: <000d01c470fa$f7785590$310013c6@savage.za.org>
From: "Chris Knipe" <savage@savage.za.org>
To: <freebsd-ipfw@freebsd.org>
Date: Fri, 23 Jul 2004 23:21:01 +0200
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1437
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441
Received-SPF: softfail (netsphere.savage.za.org: transitioning domain of
	savage@savage.za.org does not designate 192.168.1.10 as permitted sender)
X-Spam-Score: 0.1 (/)
X-Spam-Report: 0.1/5.5
Subject: ipfw & MAC Filtering
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: Chris Knipe <savage@savage.za.org>
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Jul 2004 21:21:13 -0000

Lo all,

Just very quickly...

00500    0      0 allow ip from any to any MAC 00:30:4f:27:0e:1a any via
ath1
00501    0      0 allow ip from any to any MAC any 00:30:4f:27:0e:1a via
ath1

su-2.05b# arp -an
? (198.19.0.49) at 00:30:4f:27:0e:1a on ath1 [ethernet]

su-2.05b# uname -sr
FreeBSD 5.2.1-RELEASE-p9

Why does it not see anything??

Basically, I want to try and firewall any device on the network except for a
specific list of MAC addresses....  However, I am lost because ipfw does not
seem to even want to see the mac address?? :/

--
Chris.