MAC address filtering is of extremely limited utility. It is just as
trivial to spoof a MAC address as it is to spoof an IP address. The
problems you are trying to solve are already solved with captive portal
and a judicious use of DHCP. If you require further layers of
obtuseness, you can employ port-level security on your switches.
[email protected] wrote:
Yeah, I was hoping to get around that, by simply adding the MAC
address to a firewall rule, and pfSense would check the ARP table and
use the appropriate IP address automatically.
So i guess it's not true layer 2 filtering, but its close enough.
Adam
Tim Nelson wrote:
MAC to IP address tracking is handled by the ARP package. :-)
All joking aside, maybe you want to look at static DHCP assignments
denying unknown clients or the captive portal?
Tim Nelson
Systems/Network Support
Rockbochs Inc.
(218)727-4332 x105
----- [email protected] wrote:
Are there any plans on adding this feature, or MAC to IP Address
tracking. I would be willing to submit an bounty if it's technically
possible.
This is very useful for hotels, airports, & wifi hot spots. Where you
want to block an PC that is using DHCP.
I've actually never seen this feature in a firewall,
Adam
Gary Buckmaster wrote:
pfSense does not do firewalling based on MAC address.
Quirino Santilli wrote:
Hello guys,
I need to build a bridging firewall with MAC address based rules.
Is
pfsense capable of doing the trick?
If not (as I guessed from the features) how can I achieve my goal?
Thank you for the help.
r3N0oV4
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
__________ Information from ESET NOD32 Antivirus, version of virus
signature database 3865 (20090218) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
__________ Information from ESET NOD32 Antivirus, version of virus
signature database 3865 (20090218) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
