[ndbug] PF filtering by Mac address

Hrishikesh Muruk hrishim at gmail.com
Wed Dec 21 06:42:04 PST 2016


The Absolute OpenBSD 2 book says that PF can even filter by MAC address.
Requires tags to be added on bridge(4) interfaces.

“PF can even filter by MAC address. There’s special support for this
specific media layer protocol via tags added on bridge(4) interfaces, as
documented in ifconfig(4).”

I have just one machine (VPS) that I want to configure as an email
server. The accounts on the server will be accessed using a specific set of
devices (say 10-15). Would it be overkill to set up pf so that only
requests from these MAC addresses will be allowed for sending/retrieving
mail?


If what I am doing is reasonable - Do I have to configure a bridge
interface? The man for bridge says - "The bridge device creates a logical
link between two or more ethernet interfaces or encapsulation interfaces..."

I have only one ethernet interface on the VPS. Can I set up a bridge device
at all?


Thanks
Hrishi