No. You've missed the point. Subnets and IP addresses can be totally ignored. It does mean that the GnatBOX could end up with a rather large table of MAC addresses.
That the GnatBOX needs to know is that the protocol passing through it is IP based then extract the port used, if TCP or UDP and the MAC address, if asked to, ignoring the IP address. As mentioned by Brian, the only drawback is that some network cards can have their hardware MAC address overridden, but then there has got to me some way to turning off this feature. Think simple with this one. In this instance, the IP and subnet settings are ignored. If it's an IP protocol transmission, look at the MAC address and not the IP address, or, look at both. It's one dirty way of validating that the IP address assigned to a computer is as it should be. Anyway, just an idle idea. At 08/11/2001 07:19 pm , "Tom Trenker" <[EMAIL PROTECTED]> wrote: >I believe that MAC addresses aren't passed by routers, >so filtering by MAC would only work for machines on a >local subnet. I doubt if this would be very useful. >- Tom > > > > >Myron Szymanskyj <[EMAIL PROTECTED]>@gta.com on 2001/11/08 07:32:38 AM > >Sent by: [EMAIL PROTECTED] > > >To: [EMAIL PROTECTED] >cc: > >Subject: Filtering my MAC address. > > >An interesting query. > >Currently the GnatBOX filters by IP address. A feature request. > >Could it be possible for the GnatBOX to have the ability to also take into >consideration the MAC address? > >For instance, in filtering a TCP/IP packet, where I'm not interested in the >IP address, but want to stop all data traffic on TCP port 25 from >originating from MAC address 00AC45A321. > >Why? It's easy on a workstation to alter the IP address. For a MAC address >(most NICs) the network adapter usually had to be changed. > >Does this make any sense?
