Subject: Re: filter by MAC address?
To: None <email@example.com>
From: Steven M. Bellovin <firstname.lastname@example.org>
Date: 12/10/2006 15:38:41
On Sun, 10 Dec 2006 21:38:09 +0100
mouss <email@example.com> wrote:
> Steven M. Bellovin wrote:
> > Is there any way to configure ipf or pf to reject packets based on
> > the source MAC address?
> seems possible with pf:
> > Failing that, is there any way to get dhclient to
> > do so?
> if you control the dhcp server, you could assign them IPs in a
> specific range and block this range.
> I wonder if it's feasible to blackhole such machines by playing with
The specific issue is trying to block a rogue dhcp server, and in
particular one for a 1918 address range. It's easy enough to add
to dhclient.conf, but you wander to the next NATted network and you'll
block the legitimate server that way.
--Steve Bellovin, http://www.cs.columbia.edu/~smb