iptables MAC problem

Elvir Kuric omasnjak at yahoo.com
Sun Nov 26 20:05:15 CET 2006

Hi all, 

I think dual-homed machine (two NICs... one for the
internal network and one for the external network)

using the next rule you will restrict a particular user's
access to the internet:

iptables -A FORWARD -m mac --mac-source XX:XX:XX:XX:XX:XX -j DROP

XX:XX:XX:XX:XX:XX represents the MAC address of the host you
want to block.
Using the same logic you can implement rules to forbid
a host to access a particular part of your network, some
services and so on.
The useful place to visit and read material there is 


--- Tommy W <tommy at svearike.sytes.net> wrote:

> On Saturday 25 November 2006 09:10, alok pathak wrote:
> > I am using CentOS3.8 (with kernel version 2.4.21-47.EL, iptables
> > version 1.2.8-12.3, on AMD Sempron x86_64).  I want to restrict my
> > users based on their MAC, and used the command:
> >
> > # iptables -A INPUT -m --mac-source 12:12:12:12:12:12 -j DROP
> It should be like this I reckon
>  # iptables -A INPUT -m mac --mac-source 12:12:12:12:12:12 -j DROP


More information about the netfilter mailing list
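
The following is an added example, not part of the original thread: a dry-run helper that validates the chain and MAC address before printing a rule of the form discussed above. The function names and the sample MAC addresses are constructed for illustration; nothing is passed to iptables.

```shell
#!/bin/sh
# Added example: builds (does not run) an iptables MAC-match rule.
# Function names and sample MACs are constructed for illustration.

# Succeeds only for six colon-separated hex octets.
valid_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# The mac match only makes sense for packets arriving from an
# Ethernet device, so it is limited to these chains.
valid_chain() {
    case "$1" in
        PREROUTING|INPUT|FORWARD) return 0 ;;
        *) return 1 ;;
    esac
}

# Usage: mac_drop_rule CHAIN MAC
# Prints the rule on stdout; returns 1 on bad input.
mac_drop_rule() {
    chain=$1
    mac=$2
    if ! valid_chain "$chain"; then
        echo "error: mac match not valid in chain '$chain'" >&2
        return 1
    fi
    if ! valid_mac "$mac"; then
        echo "error: malformed MAC '$mac'" >&2
        return 1
    fi
    # "-m mac" names the match module; "--mac-source" is its option.
    # Leaving out the module name is the error in the quoted command.
    echo "iptables -A $chain -m mac --mac-source $mac -j DROP"
}

# Constructed sample inputs: FORWARD covers traffic routed through a
# dual-homed gateway, INPUT covers traffic addressed to the box itself.
mac_drop_rule FORWARD 00:11:22:33:44:55
mac_drop_rule INPUT 00:11:22:33:44:55
mac_drop_rule OUTPUT 00:11:22:33:44:55 || echo "rejected: OUTPUT"
mac_drop_rule FORWARD 00:11:22:33:44 || echo "rejected: short MAC"
```

A source MAC address is chosen by the sending host and is only visible on the directly attached segment, so a rule like this is a convenience filter rather than a strong access control.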