[Q-4.8-R] Can Anyone Help With Questions About MAC Filtering
and IPFW2 ?
clemens fischer
ino-qc at spotteswoode.de.eu.org
Sat Apr 19 01:06:51 PDT 2003
"The Jetman" <jetman516 at hotmail.com>:
> I'm using 4.8-RELEASE to implement MAC-filtering bridge for my
> wireless network. Altho I am relatively new w/ FBSD (since Apr '02),
> I've been getting the desired results writing my own rules for IPFW. My
> 1st attempt w/ IPFW2 was successful, but I can't figure out why !
please (i) check the packet flow picture in the man page, (ii) post
your rules with variables substituted, (iii) post the original rules
from "a guy showed his 1st effort" and (iv) your working ipfw1 rules,
unless this gets to be several hundred lines, of course. also,
there's no information on the structure of your network.
"The recv interface can be tested on either incoming or outgoing
packets, while the xmit interface can only be tested on outgoing
packets. So out is required (and in is invalid) whenever xmit is
used.
A packet may not have a receive or transmit interface: packets
originating from the local host have no receive interface, while
packets destined for the local host have no transmit interface."
> (3) ${fwcmd} add allow ${ipanyany}
(3) is dangerous if you don't understand the matching! there's no
anti-spoofing.
clemens
More information about the freebsd-ipfw
mailing list