If the client is on a different network segment, I think you'll have some difficulty obtaining MAC addresses. It's just the basic concept of how ARP traffic works. You could imagine the traffic that would be generated if, every time someone booted up, they began broadcasting that they are HostX to the entire internet. So by design, all true routers should not forward ARP traffic. Depending on what application you are trying to block, you might have better luck with tcp_wrappers blocking by username@ip_address.
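An added example, not part of the original post: a Python sketch of why a MAC-based check only works for clients on the server's own segment. It parses text in the layout of Linux `/proc/net/arp`; the sample table, the subnet and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample in the layout of Linux /proc/net/arp (not real data).
SAMPLE_ARP_TABLE = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.10     0x1         0x2         52:54:00:aa:bb:01     *        eth0
192.168.1.1      0x1         0x2         52:54:00:aa:bb:fe     *        eth0
192.168.1.77     0x1         0x0         00:00:00:00:00:00     *        eth0
"""

ATF_COM = 0x2  # kernel flag: entry is complete (an ARP reply was received)


def parse_arp_table(text):
    """Return {ip: mac} for complete ARP entries only."""
    entries = {}
    for line in text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 6:
            continue
        ip, _hw_type, flags, mac = fields[:4]
        # Incomplete entries carry an all-zero placeholder MAC; ignore them.
        if int(flags, 16) & ATF_COM == 0:
            continue
        entries[ip] = mac.lower()
    return entries


def client_mac(client_ip, local_network, arp_text):
    """Return the client's MAC if it can be known from ARP, else None.

    local_network is the subnet of the server's own interface (assumed
    known by the caller, e.g. "192.168.1.0/24").
    """
    net = ipaddress.ip_network(local_network)
    if ipaddress.ip_address(client_ip) not in net:
        # Routed client: ARP never crosses the router, so the only MAC
        # the server sees on those frames is the router's own.
        return None
    return parse_arp_table(arp_text).get(client_ip)


if __name__ == "__main__":
    for ip in ("192.168.1.10", "10.0.5.20", "192.168.1.77"):
        print(ip, "->", client_mac(ip, "192.168.1.0/24", SAMPLE_ARP_TABLE))
```

A `None` result is the case the post describes: for such clients, filtering has to fall back to something other than the MAC address.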