Date: Sat, 2 Aug 2003 20:31:23 -0400 (EDT) From: Mike Wade <mwade@bluehighway.net> To: freebsd-net@freebsd.org Subject: ipfw2 mac address matching weirdness? Message-ID: <20030802203114.J4501@net-ninja.dyndns.org>
next in thread | raw e-mail | index | archive | help
I'm running FreeBSD 4.8 RELEASE w/ IPFW2 support enabled. I'm running into some weirdness with the mac address matching feature or perhaps it's my lack of understanding how it interacts with other rules. :) My goal is to transparently redirect everything except a few select MAC addresses but it doesn't appear to work properly. For example: net-ninja# ipfw list 00001 skipto 65535 ip from any to any MAC any any in via sis0 00002 fwd 127.0.0.1,8080 tcp from any to any dst-port 80 in via sis0 65535 allow ip from any to any This should allow every MAC address to bypass the transparent redirect but it doesn't. If I change rule #1 to: 00001 skipto 65535 ip from any to any in via sis0 Things work as advertised. Any ideas? --- Mike Wade (mwade@bluehighway.net) Blue Highway Labs, LLC.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030802203114.J4501>