From owner-freebsd-ipfw@FreeBSD.ORG  Sat Apr 21 15:01:13 2007
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
X-Original-To: ipfw@freebsd.org
Delivered-To: freebsd-ipfw@FreeBSD.ORG
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 5A8E216A40B
	for <ipfw@freebsd.org>; Sat, 21 Apr 2007 15:01:13 +0000 (UTC)
	(envelope-from vladone@spaingsm.com)
Received: from thunder.lsstelecom.ro (thunder.lsstelecom.ro [194.117.236.32])
	by mx1.freebsd.org (Postfix) with ESMTP id 9807E13C4AD
	for <ipfw@freebsd.org>; Sat, 21 Apr 2007 15:01:12 +0000 (UTC)
	(envelope-from vladone@spaingsm.com)
Received: (qmail 25176 invoked by uid 1007); 21 Apr 2007 15:30:47 +0300
Received: from 6.112.158.88.radiocom.ro (HELO localhost)
	(vladone@spaingsm.com@88.158.112.6)
	by mail.lsstelecom.ro with SMTP; 21 Apr 2007 15:30:47 +0300
Date: Sat, 21 Apr 2007 17:35:10 +0300
From: Fratiman Vladut <vladone@spaingsm.com>
X-Mailer: The Bat! (v3.80.03) Professional
Organization: home
X-Priority: 3 (Normal)
Message-ID: <1029169348.20070421173510@spaingsm.com>
To: ipfw@freebsd.org
In-Reply-To: <937e203f0704201153u7d5c05qb2b0183ca839acf7@mail.gmail.com>
References: <937e203f0704191400i10ae5751ka41c17e40e4eff99@mail.gmail.com>
	<937e203f0704201150n2f7d1cd6t65de8844581562c7@mail.gmail.com>
	<937e203f0704201153u7d5c05qb2b0183ca839acf7@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Cc: 
Subject: Re: ipfw with nat - allowing by MAC address
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Fratiman Vladut <vladone@spaingsm.com>
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 21 Apr 2007 15:01:13 -0000

You need to enable layer 2 filtering if u want to block mac address,
but is not very useful because can be easy spoofed.
sysctl net.link.ether.ipfw=1
To make this change permanently edit /etc/sysctl.conf

For more information about bridge read this:
 http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-bridging.html
-- 
Best regards,
 Fratiman                            mailto:vladone@spaingsm.com