Also, be able to filter packets based on TTL and SYN Seq value
would be useful in some cases too -- quiet a few SYN flood programs had
those values hard coded and script kids don't change them.
On Mon, 28 Aug 2000, Jaye Mathisen wrote:
>
> Just exactly what I said in the Subject. I want to filter on the ethernet
> MAC address.
>
> My firewall works fine filtering on IP, now I want to make sure no new
> nodes come up. I guess I could play some games with arp, but just
> blocking MAC addresses would suffice.
>
> On Mon, 28 Aug 2000, Simon wrote:
>
> > What else do you want to filter by? did you read man ipfw? it should tell you all
>about it. you can filter by uid, type of
> > packets, source, origin, etc..
> >
> > -Simon
> >
> > On Mon, 28 Aug 2000 18:03:58 -0700 (PDT), Jaye Mathisen wrote:
> >
> > >
> > >
> > >I would love to be able to filter ipfw traffic based on more than just
> > >IP.
> > >
> > >Anybody done anything like this?
> > >
> > >
> > >
> > >To Unsubscribe: send mail to [EMAIL PROTECTED]
> > >with "unsubscribe freebsd-hackers" in the body of the message
> > >
> >
> >
> >
>
>
>
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-hackers" in the body of the message
>
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
