On Fri, Jul 11, 2003 at 04:15:09PM -0400, Dan Mahoney, System Admin wrote: > I'm running 4.7-Release, and I have compiled the firewall into the kernel > but I can't seem to figure out the syntax for mac address based firewalls > . > > I'm trying: > > box#ipfw add 50000 allow ip from any to any in mac any any > ipfw: unknown argument ``mac'' > > If there's some secret to getting this to work, let me know, as right now > I would really like a way to restrict ip traffic by source mac.
MAC is an IPFW2 extension. All FreeBSD 4.x versions compile IPFW1 by default, although from 4.7-RELEASE on, you can optionally select to use IPFW2. IPFW2 is the default in FreeBSD 5.x. You need to add: IPFW2=true to your /etc/make.conf, and options IPFW2 to your kernel config, and rebuild, reinstall world+kernel in the usual fashion. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK
pgp00000.pgp
Description: PGP signature