ipfw2 mac address matching weirdness?
Mike Wade
mwade at bluehighway.net
Sat Aug 2 17:31:43 PDT 2003
I'm running FreeBSD 4.8 RELEASE w/ IPFW2 support enabled. I'm running
into some weirdness with the MAC address matching feature, or perhaps it's
my lack of understanding of how it interacts with other rules. :)

My goal is to transparently redirect everything except a few select MAC
addresses, but it doesn't appear to work properly. For example:

net-ninja# ipfw list
00001 skipto 65535 ip from any to any MAC any any in via sis0
00002 fwd 127.0.0.1,8080 tcp from any to any dst-port 80 in via sis0
65535 allow ip from any to any

This should allow every MAC address to bypass the transparent redirect, but
it doesn't. If I change rule #1 to:

00001 skipto 65535 ip from any to any in via sis0

things work as advertised. Any ideas?

---
Mike Wade (mwade at bluehighway.net)
Blue Highway Labs, LLC.