packet tagging

Jason Hellenthal jhellenthal at dataix.net
Sun May 12 16:42:20 UTC 2013


I'd say it would probably be a cheaper solution to just code the L2 filtering into pf but would be more of a benefit to you and everyone else to do it on HEAD if it's not already there. I believe HEAD uses pf4.5.

-- 
 Jason Hellenthal
 IS&T Services Professional
 Inbox: jhellenthal at DataIX.net
 JJH48-ARIN


On May 11, 2013, at 2:52, Nomad Esst <noname.esst at yahoo.com> wrote:

> > As for 8-STABLE this functionality is not available.
> 
> > I'm not tracking 9-* so someone else will have to answer for that.
> 
> > But as far as L2 filtering on the bridge...
> 
> > You will probably want ipfw instead as on 8-* we're using pf4.3¿ which on FreeBSD is L3 & L4 filtering only.
> 
> > If you are looking for a BSD solution for filtering only and your concern is mainly based on using pf, I will sadly say you should lean on OpenBSD unless something changes or you are willing to use access lists on your switches.
> 
> So bad!!! I'm thinking of developing some utility that does the MAC address filtering and then sends them to PF, so PF can decide about them, whether to pass or drop them away. Do you have any ideas about that?
> 
> > Now if your concern is mainly wireless the if_wlan interface is capable of its own l2 filtering but nothing like pf.
> 
> > Good luck & best packeting,
> 
> > -- 
> > Jason Hellenthal
> > IS&T Services Professional
> > Inbox: jhellenthal at DataIX.net
> > JJH48-ARIN
> 


More information about the freebsd-pf mailing list