iptables MAC problem

Elvir Kuric omasnjak at yahoo.com
Sun Nov 26 20:05:15 CET 2006


Hi all, 

I think dual-homed machine (two NICs... one for the
internal network and one for the external network).

Using the next rule you will restrict a particular user's
access to the internet:

iptables -A FORWARD -m mac --mac-source XX:XX:XX:XX:XX:XX -j DROP

XX:XX:XX:XX:XX:XX represents the MAC address of the host you
want to block.
Using the same logic you can implement rules to forbid
a host from accessing a particular part of your network, some
services and so on.
A useful place to visit and read material is
http://iptables-tutorial.frozentux.net/iptables-tutorial.html

Regards 

--- Tommy W <tommy at svearike.sytes.net> wrote:

> On Saturday 25 November 2006 09:10, alok pathak wrote:
> > I am using CentOS3.8 (with kernel version 2.4.21-47.EL, iptables
> > version 1.2.8-12.3, on AMD Sempron x86_64).  I want to restrict my
> > users based on their MAC, and used the command:
> >
> > # iptables -A INPUT -m --mac-source 12:12:12:12:12:12 -j DROP
>
> It should be like this I reckon
>
>  # iptables -A INPUT -m mac --mac-source 12:12:12:12:12:12 -j DROP
> 
> 
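
Added example (not part of the original messages and not netfilter project code): a shell helper that builds the MAC-match DROP rules discussed in this thread, optionally narrowed to a destination network and TCP port, and that flags the "-m" with no match name mistake from the quoted command. The function names, MAC address and network below are constructed for illustration; the helper only prints rules and does not apply them.

```shell
#!/bin/sh
# Illustrative helper; all function names here are hypothetical.

# is_mac ADDR: succeed only for six colon-separated hex octets.
is_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# has_match_name RULE: fail when -m/--match is followed by another option
# instead of a match name, as in the quoted "-m --mac-source" command.
has_match_name() {
    case " $1 " in
        *" -m -"*|*" --match -"*) return 1 ;;
    esac
    return 0
}

# mac_drop_rule CHAIN MAC [DEST_CIDR] [TCP_PORT]
# Prints one iptables command. Returns 1 for an unsupported chain,
# 2 for a malformed MAC, 3 for a non-numeric port.
mac_drop_rule() {
    chain=$1; mac=$2; dest=${3:-}; port=${4:-}
    # The mac match needs the source Ethernet header, so it only applies to
    # packets arriving on an interface; OUTPUT and POSTROUTING are rejected.
    case $chain in
        INPUT|FORWARD) ;;
        *) echo "mac match not usable in chain '$chain'" >&2; return 1 ;;
    esac
    if ! is_mac "$mac"; then
        echo "malformed MAC address '$mac'" >&2; return 2
    fi
    case $port in
        *[!0-9]*) echo "port must be numeric" >&2; return 3 ;;
    esac
    rule="iptables -A $chain -m mac --mac-source $mac"
    if [ -n "$dest" ]; then rule="$rule -d $dest"; fi
    if [ -n "$port" ]; then rule="$rule -p tcp --dport $port"; fi
    printf '%s -j DROP\n' "$rule"
}

# Constructed sample values (not taken from the thread).
mac_drop_rule FORWARD 00:16:3e:aa:bb:cc
mac_drop_rule FORWARD 00:16:3e:aa:bb:cc 192.168.10.0/24 22
has_match_name "iptables -A INPUT -m --mac-source 12:12:12:12:12:12 -j DROP" \
    || echo "lint: -m is not followed by a match name"
```

A source MAC address is set by the sending host and is only visible on the directly attached Ethernet segment, so rules like these restrict cooperative hosts rather than authenticate them.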



 