On Thu, Jan 10, 2013 at 6:54 PM, Erling Westenvik <erling.westen...@gmail.com> wrote:
> Is it possible to have PF filter on MAC address on a machine with only
> one physical nic? I'm aware that MAC filtering can only be done on a
> machine configured as a bridge, but how to configure such a bridge?

Add the single interface to the bridge. Tag the packets from a specific MAC. Filter the tag.

> ---8<---
> # /etc/hostname.bridge0
> add bge0
> add <??>
> rule pass in on bge0 src f8:db:7f:4d:bb:10 tag WWW
> rule pass in on bge0 src 00:08:02:85:6c:90 tag SSH
> rule pass in on bge0 src 00:16:ea:b3:65:d0 tag SSH
> --->8---
>
> Regards,
>
> Erling
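The three steps in the reply, written out as configuration. This is an added example, not part of the original thread. It reuses bge0 and the MAC addresses from the quoted question; the port numbers, the default block rule and the choice of inbound TCP only are assumptions made for illustration.

```conf
# /etc/hostname.bridge0
# Step 1: add the single physical interface to the bridge.
add bge0
# Step 2: tag frames by source MAC address (addresses from the question).
rule pass in on bge0 src f8:db:7f:4d:bb:10 tag WWW
rule pass in on bge0 src 00:08:02:85:6c:90 tag SSH
rule pass in on bge0 src 00:16:ea:b3:65:d0 tag SSH
up

# /etc/pf.conf
# Step 3: filter on the tag set by the bridge rules.
# Assumption: anything inbound on bge0 that carries no matching tag is dropped.
block in on bge0
# Assumption: SSH tag maps to tcp/22, WWW tag maps to tcp/80 and tcp/443.
pass in on bge0 inet proto tcp to port 22 tagged SSH
pass in on bge0 inet proto tcp to port { 80 443 } tagged WWW
```

A source MAC address can be set by any host on the same segment, so these tags narrow exposure but do not authenticate the sender; keep SSH's own authentication in place behind the filter.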