From owner-freebsd-ipfw@FreeBSD.ORG Fri Jul 23 21:56:22 2004 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 520FA16A4CE for ; Fri, 23 Jul 2004 21:56:22 +0000 (GMT) Received: from chello080110061116.502.15.vie.surfer.at (chello080110061116.502.15.vie.surfer.at [80.110.61.116]) by mx1.FreeBSD.org (Postfix) with SMTP id E618243D46 for ; Fri, 23 Jul 2004 21:56:20 +0000 (GMT) (envelope-from 4711@chello.at) Received: (qmail 96656 invoked from network); 23 Jul 2004 21:56:19 -0000 Received: from matrix010.matrix.net (192.168.123.10) by ns.matrix.net with SMTP; 23 Jul 2004 21:56:19 -0000 From: Christian Hiris <4711@chello.at> To: freebsd-ipfw@freebsd.org, Chris Knipe Date: Fri, 23 Jul 2004 23:56:08 +0200 User-Agent: KMail/1.6.2 References: <000d01c470fa$f7785590$310013c6@savage.za.org> In-Reply-To: <000d01c470fa$f7785590$310013c6@savage.za.org> MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Boundary-02=_CmYABD560NMfbVE"; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <200407232356.18977.4711@chello.at> Subject: Re: ipfw & MAC Filtering X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Jul 2004 21:56:22 -0000 --Boundary-02=_CmYABD560NMfbVE Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Friday 23 July 2004 23:21, Chris Knipe wrote: > Lo all, > > Just very quickly... > > 00500 0 0 allow ip from any to any MAC 00:30:4f:27:0e:1a any via > ath1 > 00501 0 0 allow ip from any to any MAC any 00:30:4f:27:0e:1a via > ath1 > > su-2.05b# arp -an > ? (198.19.0.49) at 00:30:4f:27:0e:1a on ath1 [ethernet] > > su-2.05b# uname -sr > FreeBSD 5.2.1-RELEASE-p9 > > Why does it not see anything?? > > Basically, I want to try and firewall any device on the network except for > a specific list of MAC addresses.... However, I am lost because ipfw does > not seem to even want to see the mac address?? :/ > Have you set sysctl net.link.ether.ipfw=3D1 ? br ch =2D-=20 Christian Hiris <4711@chello.at> | OpenPGP KeyID 0x941B6B0B=20 OpenPGP-Key at hkp://wwwkeys.eu.pgp.net and http://pgp.mit.edu --Boundary-02=_CmYABD560NMfbVE Content-Type: application/pgp-signature Content-Description: signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQBBAYmCcyi/EZQbawsRAtbZAJ9oYdwobdAuTD0XlGWmNf/N/qJgxQCdEheD CoMq/f9Ys5Iga/K7YBlT7og= =WM8h -----END PGP SIGNATURE----- --Boundary-02=_CmYABD560NMfbVE--