I would like to do this using FORWARD. Example:

iptables -A FORWARD -s -m ! 00:0F:EA:91:04:08 -d 0.0.0.0/0 -p tcp --dport 3128 -j DROP

I want to set this rule to avoid the computer being cloned. I think using MAC & iptables I can solve this, right?

What do you mean by "cloned"? It is trivial to spoof a MAC address. Also, the MAC address only matters per network segment, so this would only be useful when used for something that is behind your firewall being permitted out, or something that is directly on the external side of your firewall coming in. MAC addresses become completely irrelevant once traffic passes through a router.

As for your syntax, that looks correct.

~Daniel
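
An added example, not part of either post: a small script that prints one FORWARD rule per IP-to-MAC binding, using the `mac` match with `--mac-source` and `!` inversion, so proxy traffic from a known IP is dropped when the frame carries a different MAC. The 192.0.2.x addresses and the second MAC are constructed sample values, and the clients are assumed to sit on the same segment as the firewall, which the reply above points out is the only place the MAC is visible.

```shell
#!/bin/sh
# Added example: print iptables rules that tie a source IP to one MAC address.
# Rules are printed, not applied. IPs and the second MAC are constructed samples.

PROXY_PORT=3128   # proxy port from the rule in the question

# Succeed if $1 is a colon-separated 48-bit MAC address.
valid_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# Succeed if $1 is a dotted-quad IPv4 address with every octet <= 255.
# The body runs in a subshell so the IFS change does not leak.
valid_ipv4() (
    printf '%s\n' "$1" | grep -Eq '^[0-9]{1,3}(\.[0-9]{1,3}){3}$' || exit 1
    IFS=.
    for octet in $1; do
        [ "$octet" -le 255 ] || exit 1
    done
)

# Print one rule: drop proxy traffic from IP $1 unless the source MAC is $2.
bind_rule() {
    valid_ipv4 "$1" || { echo "rejected IP: $1" >&2; return 1; }
    valid_mac "$2" || { echo "rejected MAC: $2" >&2; return 1; }
    printf 'iptables -A FORWARD -s %s -m mac ! --mac-source %s -p tcp --dport %s -j DROP\n' \
        "$1" "$(printf '%s' "$2" | tr 'a-f' 'A-F')" "$PROXY_PORT"
}

# Read "IP MAC" pairs from stdin, skip blank and comment lines, and print a
# rule for each valid pair. Returns non-zero if any pair was rejected.
emit_rules() {
    rc=0
    while read -r ip mac rest; do
        case $ip in ''|'#'*) continue ;; esac
        bind_rule "$ip" "$mac" || rc=1
    done
    return "$rc"
}

# Constructed bindings; the last line is malformed on purpose.
emit_rules <<'EOF' || echo "some bindings were rejected" >&2
# ip          mac
192.0.2.10    00:0F:EA:91:04:08
192.0.2.11    0a:00:27:00:00:0b
192.0.2.12    00:0F:EA:91:04
EOF
```

The `mac` match only works on packets arriving from an Ethernet device in the PREROUTING, FORWARD or INPUT chains, so review the printed rules before loading them.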