And you missed one too. :) If the pc is behind a router on the internal network, an ARP request will only return the MAC address of the router. Layer 2 information doesn't cross a router.
Chris Green >From: Myron Szymanskyj <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: Re: Filtering my MAC address. >Date: Fri, 09 Nov 2001 01:04:11 +0000 > >--------------------- Attention ----------------------------- >A digest version of this list is now available. >Send email to [EMAIL PROTECTED], with the following message: >subscribe gb-users-digest your_email_address >Then unsubscribe from this list. >------------------------------------------------------------- >GNAT Box User Forum http://www.gnatbox.com/cgi-bin/Ultimate.cgi >Send postings to: [EMAIL PROTECTED] >Access the list archives at: http://www.gnatbox.com/gb-users/ >------------------------------------------------------------- >No. You've missed the point. Subnets and IP addresses can be totally >ignored. It does mean that the GnatBOX could end up with a rather large >table of MAC addresses. > >That the GnatBOX needs to know is that the protocol passing through it is >IP based then extract the port used, if TCP or UDP and the MAC address, if >asked to, ignoring the IP address. > >As mentioned by Brian, the only drawback is that some network cards can >have their hardware MAC address overridden, but then there has got to me >some way to turning off this feature. > >Think simple with this one. In this instance, the IP and subnet settings >are ignored. If it's an IP protocol transmission, look at the MAC address >and not the IP address, or, look at both. It's one dirty way of validating >that the IP address assigned to a computer is as it should be. > >Anyway, just an idle idea. > > > >At 08/11/2001 07:19 pm , "Tom Trenker" <[EMAIL PROTECTED]> wrote: >>I believe that MAC addresses aren't passed by routers, >>so filtering by MAC would only work for machines on a >>local subnet. I doubt if this would be very useful. >>- Tom >> >> >> >> >>Myron Szymanskyj <[EMAIL PROTECTED]>@gta.com on 2001/11/08 07:32:38 AM >> >>Sent by: [EMAIL PROTECTED] >> >> >>To: [EMAIL PROTECTED] >>cc: >> >>Subject: Filtering my MAC address. >> >> >>An interesting query. >> >>Currently the GnatBOX filters by IP address. A feature request. >> >>Could it be possible for the GnatBOX to have the ability to also take into >>consideration the MAC address? >> >>For instance, in filtering a TCP/IP packet, where I'm not interested in >>the >>IP address, but want to stop all data traffic on TCP port 25 from >>originating from MAC address 00AC45A321. >> >>Why? It's easy on a workstation to alter the IP address. For a MAC >>address >>(most NICs) the network adapter usually had to be changed. >> >>Does this make any sense? > >---------------------------------------------- >To Unsubscribe: send mail to [EMAIL PROTECTED] >with "unsubscribe gb-users your_email_address >in the body of the message _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
