Re: [m0n0wall] Is there a way to filter by MAC address ?

From:	Chris Buechler <cbuechler at gmail dot com>
To:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] Is there a way to filter by MAC address ?
Date:	Wed, 17 Nov 2004 14:15:32 -0500

On Wed, 17 Nov 2004 13:33:16 -0500, Bill Hamel <billh at bugs dot hamel dot net> wrote:
> In this topology m0n0 has a wireless interface configured as an AP. I wish to
> pass regular internet traffic across the wireless interface and an ethernet
> interface and limit by mac address who can connect to the AP.
> 
> Currently I have the AP configured which is M0n0 1.1 and the Wireless interface
> is bridged to the Optional interface. Internet traffic runs through the bridge
> using non-private IP adressing just dandy, but now I want to limit by MAC
> address who can connect to the AP.
> 
> Is this possible ?
> 

http://m0n0.ch/wall/docbook/faq-macfilt.html


> Captive portal seems like a nice way of doing it but it looks as like I am
> limited because it seems to require you run NAT thereby loosing the ability to
> route native internet traffic. And Trying to run captive portal on a bridged
> interface is not allowed.
> 

You don't have to use NAT, if you have enough public IP's to put a
public subnet on your OPT interface you can use a sub-subnet of your
public subnet on that OPT interface.  Or you can do 1:1 NAT.

But you can't use captive portal on a bridged interface.

-Chris