ipfw with nat - allowing by MAC address

Lubomir Georgiev 0shady0recs0 at gmail.com
Sun Apr 22 10:59:29 UTC 2007


  Thanks for the response but I have to disagree with you - I have read the
responses time and time again with great attention, but to no avail. From
what you said I understand that in order to utilize MAC address filtering I
would need a managed switch or another box aside from the one that will be
performing the NATing - is that right? Are you sure that there's no way to
combine MAC filtering with NAT in a single box?

  Just to make things clear I'll give an example of what I want to do - I
want a machine with say MAC-a to have internet connectivity regardless of
its IP address - that is I can assign to it any of the 192.168.1.X
addresses. But if a machine with say MAC-b comes into the network and tries
any IP I want it to be excluded from the NATd rule but still have
connectivity with the FreeBSD box - so that I can open up a terminal and add
it to the rulelist if I want Inet connectivity on that machine.



P.S. I have heard of another way of filtering which uses the ARP tables -
any comments on that? The thing that I don't think I'll be able to
accomplish with the ARP tables is to use any of the 192.168.1.X IP
addresses.

Once again thanks for all your help and I hope we can reach the final
conclusion of this problem.

-- 
mEsS wItH tHe bEsT
dIE liKe tHe rESt


More information about the freebsd-ipfw mailing list