FILTERING PORT FORWARD BY MAC ADDRESS
-
Hello I am writing to see if, in the port forward, can I filter access to a port based on the MAC address?
Best regards -
When exactly would this be required?? What are you trying to accomplish with it? On the wan side, which is normally internet access the only mac address seen would be the mac of the gateway.
-
An example of a reasonable reason for trying this would be what I'm currently trying to do. Set up a port forward to a host receiving its IP from DHCP, and only to that host (not a subnet, for example). The MAC address is the (most) stable network identifier in this scenario, it also provides the highest reliability of uniqueness.
What it looks like will be required is port forwarding to a FQDN, as made available by a local DNS server updated by DHCP. This will most likely be hostname based port forwarding; though one could configure thing differently I suppose (DHCP providing a static IP to the target MAC being one example).
pfSense provides the feature sets required to pull off DHCP->DNS->FQDN NAT/port forward.
I'll post again when I have instructions…Edit: Useful stuff: https://doc.pfsense.org/index.php/DNS_Forwarder
https://doc.pfsense.org/index.php/Using_FQDNs_in_Aliases
https://doc.pfsense.org/index.php/DHCP_ServerGetting boozed and going to bed now ;)
-
huh? That is not what the OP asked..
Your taking about just making sure you always forward to the same host, even if its IP would change. And this is done via sure a dhcp reservation so it never changes.. Or just setup a static on the IP your going to forward too.
-
Huh? What? That's totally… rereads OP
:|
lol whoops.