Re: Layer2 Filtering

2004-10-21 Thread Chris Reining
Eric,
man brconfig(8). You can tag packets based on hardware address and refer
to them using the tagged directive in pf or simply use rules directly with
brconfig.

--
Chris Reining, GCFW, GCIA
[EMAIL PROTECTED]
http://packetfu.org

On Wed, Oct 20, 2004 at 05:59:51PM -0500, eric wrote:
> What's the method by which you folks filter layer 2 traffic? Some of
> my methods don't scale well (static arp entries, etc) and was
> curious to know if there was work being conducted in this area
> for pf, or any other BSD licensed goodies.
>
> Thanks.
>
> - Eric
 


Re: Layer2 Filtering

2004-10-21 Thread Jason Opperisano
On Wed, 2004-10-20 at 18:59, eric wrote:
> What's the method by which you folks filter layer 2 traffic? Some of
> my methods don't scale well (static arp entries, etc) and was
> curious to know if there was work being conducted in this area
> for pf, or any other BSD licensed goodies.

man 8 brconfig

check out the examples on creating rules.  especially nifty is the
ability to tag packets at the bridge level and utilize those tags in
your PF rules.

dunno if this qualifies as scalable though...  maybe the rulefile
ability adds scalability.

-j

=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~
Drinking coffee for instant relaxation? That's like drinking alcohol for
instant motor skills. -- Marc Price
=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~


Re: Layer2 Filtering

2004-10-21 Thread Mike Belopuhov
> What's the method by which you folks filter layer 2 traffic? Some of
> my methods don't scale well (static arp entries, etc) and was
> curious to know if there was work being conducted in this area
> for pf, or any other BSD licensed goodies.


Pf is a layer 3 and 4 packet filter. It doesn't know anything
about underlying layers. (And that is actually great!)

You should look at brconfig(8) for layer 2 filtering on a bridge.
One can tag traffic flow using brconfig(8), and then apply
some pf rules using the ``tagged'' keyword.

> Thanks.
>
> - Eric


--
 Mike Belopuhov
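
The approach the replies above point to (tag frames by hardware address with brconfig(8), load the rules through its rulefile option, then match the tag in pf with `tagged`), sketched as an added example that is not part of any poster's message. The interface `fxp0`, bridge `bridge0`, tag name `known`, the file path and the MAC addresses are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: build a brconfig(8) rulefile from a MAC allowlist.
# Assumed names (not from the thread): fxp0, bridge0, tag "known",
# /etc/bridge0.rules; the MAC addresses in the demo are constructed.

# Succeeds only for a well-formed unicast MAC address.
valid_mac() {
    printf '%s\n' "$1" |
        grep -Eiq '^[0-9a-f]{1,2}(:[0-9a-f]{1,2}){5}$' || return 1
    # A group (multicast/broadcast) address is never a legitimate source:
    # its first octet has the low bit set.
    first=${1%%:*}
    [ $(( 0x$first & 1 )) -eq 0 ]
}

# Read one MAC per line on stdin ('#' comments and blank lines allowed).
# $1 = bridge member interface, $2 = tag name for pf.
# Returns non-zero if any entry was rejected.
gen_rules() {
    iface=$1
    tag=$2
    rc=0
    while read -r mac rest; do
        case $mac in ''|'#'*) continue ;; esac
        if valid_mac "$mac"; then
            printf 'pass in on %s src %s tag %s\n' "$iface" "$mac" "$tag"
        else
            printf 'rejected entry: %s\n' "$mac" >&2
            rc=1
        fi
    done
    # brconfig rules are first-match, so this catch-all goes last:
    # frames from any unlisted source are dropped at layer 2.
    printf 'block in on %s\n' "$iface"
    return "$rc"
}

# Demo with constructed addresses; on the bridge the output would be saved
# and loaded with:
#   brconfig bridge0 flushrule fxp0
#   brconfig bridge0 rulefile /etc/bridge0.rules
# and pf.conf would then match the tag, e.g.:
#   block in on fxp0 all
#   pass  in on fxp0 tagged known keep state
gen_rules fxp0 known <<'EOF'
# workstation
00:0d:93:aa:bb:01
0:de:ad:be:ef:2
EOF
```

Generating the rulefile from one allowlist keeps the bridge rules reproducible, and a rejected entry makes the generator exit non-zero so a bad list is not loaded unnoticed.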


Layer2 Filtering

2004-10-20 Thread eric
What's the method by which you folks filter layer 2 traffic? Some of
my methods don't scale well (static arp entries, etc) and was
curious to know if there was work being conducted in this area
for pf, or any other BSD licensed goodies.

Thanks.

- Eric