hello I am trying to set up a wireless firewall where users must authenticate before they are able to use it.
What I would like to do is use a bridge and tag MAC addresses with brconfig and then have pf redirect connections to a web authenticator if they haven't been registered or just allow connections to pass through if they are registered. I think I rule like this would work: rdr on $wireless_if proto tcp tagged ! WIFI from any to any \ port www -> ($wireless_if) but I get a syntax error when I try to load the ruleset. So I wonder if I can use the tagged keyword with rdr, and if I can't what are the alternatives? Thanks Andy
