rules to permit only few MAC address

vladone vladone at
Sat Jul 9 09:40:23 GMT 2005

Now i test this type of control with:
pif is the private interface

$cmd add 200 skipto 210 all from any to any in via $pif layer2
$cmd add 200 skipto 4000 all from any to any out via $pif layer2

$cmd add 210 skipto 3000 MAC any 00:0e:a6:81:40:3e
$cmd add 211 skipto 3000 MAC any 00:50:8b:6b:0c:b2
#deny not allowed
$cmd add 212 deny MAC any any in recv $pif layer2

and work pretty. If anyone have another suggestion please post!

More information about the freebsd-ipfw mailing list