Subject: IPF and MAC filtering
To: None <>
From: Jean-Edouard Babin <>
List: tech-net
Date: 10/28/2004 15:04:29

I have a router running NetBSD with 3 Ethernet interfaces (sip0 ..
sip2), one used for the internet connection, one for the wired network and
the last for the wireless network (with an 802.11g bridge).
Currently I use a quite simple ipf configuration; I allow fewer things
to people that come from the wireless interface than people coming
from the wired one.
Today wireless networks are more secure, so I would like to allow more
things, but only for some people on this network. I can't make rules
by IP because the network uses DHCP, so the only solution I see is to
make rules by MAC address, and ipf doesn't seem to handle MAC addresses.
I was thinking of making a virtual interface, associating MAC addresses
with this virtual interface, and allowing more things for this interface,
but I didn't find a way to do this because the NetBSD vlan interface
doesn't associate a vlan with a MAC address,
so I'm looking for a great idea :)

Jean-Edouard BABIN
Web :
IRC : Jeb @ Undernet