Allowing access only some sites - onely some mac address

Jiann-Ming Su sujiannming at gmail.com
Tue Aug 30 15:49:42 CEST 2005


On 8/29/05, Sebastião Antônio Campos (GWA) <sa.campos at datasulsp.com.br> 
wrote:
> 
> Dears,
> 
> I'd like to allow access only to some sites by some mac address.
> 
> For example:
> 
> I have a list of the mac address 00:0c:6E:11:E8:B0, 00:D8:02:D8:C8:DF,
> 00:E7:05:C9:07:EA............ and and I'd like that only these mac address
> could access only the following IP: 200.221.2.128 <http://200.221.2.128>, 
> 200.221.2.129 <http://200.221.2.129>,
> 200.221.2.130 <http://200.221.2.130>, 200.221.2.131 <http://200.221.2.131>, 
> 200.205.144.75 <http://200.205.144.75>, 200.205.144.76<http://200.205.144.76>. 
> But the other
> mac address could access everything.



IIRC, MAC addresses (layer 2) do not go beyond the router (layer 3). I think 
you can only do what you are proposing if all your boxes are behind the same 
broadcast domain.

-- 
Jiann-Ming Su
"I have to decide between two equally frightening options. 
If I wanted to do that, I'd vote." --Duckman


More information about the netfilter mailing list