[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: filtering by mac address
I'm with ya on that! I was sorta surprised to see IPTables popup :)
----- Original Message -----
From: "Rossam Souza Silva" <rss@cin.ufpe.br>
To: "Andrew Barnes" <tetsuo@cadvision.com>
Cc: "qstreb" <qstreb@ism-computer.de>; <misc@openbsd.org>;
<tech@openbsd.org>
Sent: Sunday, July 22, 2001 4:09 PM
Subject: Re: filtering by mac address
> Yep, a good hack!
>
> But if we can include MAC filter rules in
> pf is even better... ;-)
>
> Rossam Souza Silva (rossam@cin.ufpe.br)
>
> On Sun, 22 Jul 2001, Andrew Barnes wrote:
>
> > It takes a little but it's doable on IPchains as well:
> >
> > /sbin/ipchains -A input -j DENY -s `arp |grep -v Address|grep -i
> > <hwaddress>|\awk '{print $1}'` -d 0.0.0.0/0
> > That command is all on one line, and you'd have to ping the box or make
sure
> > the box sent traffic before this would work. It scans for that MAC and
gets
> > a IP, then blocks based on the current IP.
> >
> > ----- Original Message -----
> > From: "Rossam Souza Silva" <rss@cin.ufpe.br>
> > To: "qstreb" <qstreb@ism-computer.de>
> > Cc: <misc@openbsd.org>; <tech@openbsd.org>
> > Sent: Sunday, July 22, 2001 1:45 PM
> > Subject: Re: filtering by mac address
> >
> >
> > > Well, that's a nice feature that IPTables
> > > has (I think it's the only one ;-).
> > >
> > > The PF Team has some wish to include this
> > > stuff?
> > >
> > > Thanks,
> > >
> > > Rossam Souza Silva (rossam@cin.ufpe.br)
> > >
> > > On Sun, 22 Jul 2001, qstreb wrote:
> > >
> > > > Hi misc,
> > > >
> > > > q: Are there any possibilities to block "problematic" MAC address?
> > > >
> > > > regards,
> > > > qstreb