Hi, > I'm trying to solve a problem with ipfw2, so would be grateful for help > from anyone on the list with moving things forward.
This is not an ipfw problem. > I would like to understand if it's possible to discover the real MAC > address of a packet that has been NAT'd by another device. The scenario > for using this would be for hosts on a wireless LAN that connect to a > wireles router which NAT's their connection and then routes the packets > to another LAN (across a wire) where a FreeBSD server performs firewall > packet filtering via ipfw2. As all the connections from the hosts on > the wireless LAN have had their MAC and IP addresses NAT'd to that of > the wireless router, it is difficult to distinguish between hosts, > unless some form of deep packet inspection could be performed to > discover the true MAC address. Is this something that would be possible > with ipfw2? There is no way to discover this information. Maybe, you can parse some specific protocols that contain a MAC addresses within packets. But this is hard and don't give a 100% results. The right way, IMHO, is an VPN-connections between Wireless clients and FreeBSD server. -- WBR, Andrey V. Elsukov _______________________________________________ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "[EMAIL PROTECTED]"