IP rule to log also source MAC
Łukasz Bromirski
lukasz at bromirski.net
Sat Dec 25 13:48:54 PST 2004
Hi,
I wonder if the `log' keyword for ipfw could be extended to also
log MAC-address of packet originator. Something like `log-input' on
Cisco boxes, where You get also MAC of sender.
It would be useful in scenarios, where You have spoofed traffic
incoming on Ethernet interface, and IP source addresses are faked,
spoofed etc.
..ie, when You have:
deny log ip from any to any not verrevpath in via xl0
something like:
deny log-input ip from any to any not verrevpath in via xl0
...to get also source MAC-address.
--
this space was intentionally left blank | Łukasz Bromirski
you can insert your favourite quote here | lukasz:bromirski,net
More information about the freebsd-ipfw
mailing list