On Mon, 28 Aug 2000, Jaye Mathisen wrote:
> I would love to be able to filter ipfw traffic based on more than just
> IP.
>
> Anybody done anything like this?
The OpenBSD bridge filtering code can do this, allowing you to map MAC
addresses to specific interfaces, and prevent spoofing, among other
things. There's been some talk of restructuring (possibly rewriting) the
bridge/filtering code in FreeBSD, and Archie Cobbs has suggested that
NetGraph would be a good way to do this. Arbitrary packet filtering would
be fairly possible in such an environment, but we don't currently have an
implementation that does that. Hopefully in a few months, we'll be able
to claim otherwise.
Sorry about that!
Robert N M Watson
[EMAIL PROTECTED] http://www.watson.org/~robert/
PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1
TIS Labs at Network Associates, Safeport Network Services
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
