[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PF MAC Filter



No, it is not possible.
And you should remember that a setup like that can cut you off by mistake;
everyone who had to deal with a Fw-1 and the f***ng arp-cache
should know ...
And another thing :
In Ethernet terms, you can only see MAC's on your ethernet segment (eg a
router,switch)
etc, so if you a have a router in front of your pf firewall, MAC filterering
can only make sure,
that this is the router your are dealing with.
As far as I remember, you will never see the MAC's of hosts BEFORE the
router.
So to mee it seems only like some anti-spoofing techniq with limited
ability;
Are you sure you want that ?
Perhaps you should specify your intention a bit clearer.
----- Original Message -----
From: "Shawn Mitchell" <shawnm@iodamedia.net>
To: <pf@benzedrine.cx>
Sent: Wednesday, February 26, 2003 10:26 AM
Subject: PF MAC Filter
>
> Is it possable to specify a MAC Address filter?
>
> And just to go ahead and cut off the trolls on MAC Filtering...  I know
you
> can change your MAC address.  I don't care that you can.  I'm wanting to
> place a few filters that will stop 98% of the people out there, and put
> something in place to where I can force an IP Address to be used only by a
> specified network interface.
>
>
>