On Fri, 2006-01-13 at 23:19:01 +0100, Bc. Radek Krejca proclaimed... > I need to restrict some mac addresses or better allow set of > addresses and block others. > > How can I do it? Is there any tool in OpenBSD?
Just add the idiots to a file... # cat /etc/arp.table 127.66.131.1 00:02:4d:b2:9b:48 permanent #idiot1 127.66.131.2 00:05:4d:3d:39:13 permanent #idiot2 127.66.131.3 00:08:6d:da:39:18 permanent #idiot3 then build static arp entries # /usr/sbin/arp -f /etc/arp.table Next, just block 127.66.0.0/16. # grep '127.66' /etc/pf.conf block in log quick from 127.66.0.0/16 to any label morons It's quit, cheap, and lame. But it works.
