Check your pf.conf configuration also, as pf works on bridged packets too.

Another approach would be to tag packets coming in on em2 from the bad MAC; let's call the tag bad-dhcp-requests.

Have a look at putting something like this in your hostname.bridgeX:

    rule pass in on em2 src <mac-address> tag BAD-DHCP

Have a look at putting something like this in your pf.conf:

    pass out quick on em2
    block in quick on em2 proto udp to port 67 tagged BAD-DHCP
    pass in quick on em2

On 2 March 2018 at 09:07, Marcus MERIGHI <mcmer-open...@tor.at> wrote:
> Hello,
>
> in my quest to silence a misbehaving wifi access point spamming the log
> files by getting dhcp leases it does not accept I tried the following to
> be able to "ifconfig bridge2 rule block in on em2 src ...":
>
> wlan_ap
>        \
>         em(4) (up)
>              \
>               bridge(4) (add vether2, add em2)
>              /
>         vether(4) (up)
>              \
>               carp(4) (carpdev vether2, ip address, ...)
>                    \
>                     pf etc.
>
> Thanks for the documentation in the FAQ and man pages!
>
> Once I enabled the changes, tcpdump(8) showed only inbound traffic on
> em(4), no more outbound packets. I had to revert quickly to keep people
> online.
>
> The wifi access point currently cannot be just replaced. It works in all
> other aspects but getting a dhcp lease for itself.
>
> Am I getting the concept wrong? Any pointers?
>
> Thanks in advance for any hints, clue sticks, ...
>
> Marcus