Hi,
I'm trying to write some ipfw rules to divert packets from a machine
matching a MAC address to a natd process running on a custom divert
port.

Here are the rules I tried that don't work:
ipfw add 99 divert 8669 mac any 00:E0:18:F1:57:94 via wi0
ipfw add 99 divert 8669 mac 00:E0:18:F1:57:94 any via wi0

These do not match and the packets don't get diverted.

However, something like this does work:
ipfw add 49 deny mac any 00:E0:18:F1:57:94 via wi0
ipfw add 49 deny mac 00:E0:18:F1:57:94 any via wi0

Packets are appropriately denied.

This will work, using the IP address of the machine instead of its MAC:
ipfw add 99 divert 8669 ip from 10.0.0.243 to any via wi0
ipfw add 99 divert 8669 ip from any to 10.0.0.243 via wi0


What changes between using "deny" versus "divert" as a rule action that MAC addresses don't match? Any suggestions?

Thank you.

--
[EMAIL PROTECTED]    To be sure of hitting the target, shoot first, and
                  call whatever you hit the target. -Ashleigh
                  Brilliant