iptables mac destination filtering

Seferovic Edvin edvin.seferovic at kolp.at
Thu Apr 28 11:55:17 CEST 2005


Hi,

I suppose it is because you do NOT know the destination MAC address. The
dest MAC address is found out first when the packets get out of iptables and
go to the NIC. Besides - you cannot find out the MAC address of the host
that is reachable over i.e. 3 hops. Recall the OSI layer system and it
should be clear. 

I think I am not wrong here. If so, please correct me.

Regards,

Edvin Seferovic

-----Original Message-----
From: netfilter-bounces at lists.netfilter.org
[mailto:netfilter-bounces at lists.netfilter.org] On Behalf Of Thomas Turquois
Sent: Donnerstag, 28. April 2005 11:40
To: netfilter at lists.netfilter.org
Subject: iptables mac destination filtering

Hi,

I would like to know why it's not possible to filter on mac destination
address with iptables.

Thanks.






More information about the netfilter mailing list