On Sun, May 07, 2006 at 11:30:19AM -0700, S t i n g r a y wrote: > ok sorry for that , but i think you totally > misunderstood my question, i wanted to know the > procedure i can use to allow a list of internal mac > addresses to access my NAT server to access internet. > all other mac's should be disallowed. > > simple :)
PF filters by IP, but bridge interfaces can be filtered by mac addresses. See brconfig(8) and bridge(4).
