On Thu, May 7, 2009 at 15:55, Tim Dressel <[email protected]> wrote: > 1. What is the limitation on the number of mac-bypass entries? And is > what I am seeing expected with 300 entries?
I'm sure someone will chime in with the precise ipfw limitation, but this is mostly going to be dependent on your system's performance specs - memory & CPU. > 2. If I should not be doing this with 300 clients, is anyone using > another FOSS product to do MAC authenticated control outbound from > their firewall? Possibly, but [as I hope you know] MAC filtering only keeps honest people honest, it is in no way any form of authentication. At that number of unique users, you may be better served by setting up an actual RADIUS server to do proper authentication and AAA instead of manually maintaining tables. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
