[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

rdr with tagging

I am trying to set up a wireless firewall where users must authenticate
before they are able to use it.
What I would like to do is use a bridge and tag MAC addresses with
brconfig and then have pf redirect connections to a web authenticator
if they haven't been registered or just allow connections to pass
through if they are registered.
I think I rule like this would work:
rdr on $wireless_if proto tcp tagged ! WIFI from any to any \ 
   port www -> ($wireless_if)
but I get a syntax error when I try to load the ruleset.
So I wonder if I can use the tagged keyword with rdr, and if I can't
what are the alternatives?