Re: iptables by mac

To: debian-firewall@lists.debian.org
Subject: Re: iptables by mac
From: Pascal Hambourg <pascal.mail@plouf.fr.eu.org>
Date: Sat, 10 Jun 2006 09:20:39 +0200
Message-id: <[🔎] 448A72C7.3040701@plouf.fr.eu.org>
In-reply-to: <[🔎] 98a18b470606091421y1c17346w8659a7e1a85f54fb@mail.gmail.com>
References: <[🔎] 2492.10.30.142.3.1149832239.squirrel@mail.cnt.uo.edu.cu> <001701c68bb1$41c3c8a0$0201a8c0@async> <[🔎] 2605.10.30.142.3.1149860642.squirrel@mail.cnt.uo.edu.cu> <[🔎] 98a18b470606091421y1c17346w8659a7e1a85f54fb@mail.gmail.com>

Hello,

Daniel Givens a écrit :

i would like to do using FORWARD
example

iptables -A FORWARD -s -m ! 00:0F:EA:91:04:08 -d 0.0.0.0/0 -p tcp --dport
3128 -j DROP

i want to set this rule to avoid the computer being cloned
i think using mac & iptables i can solve this rigth ?


What do you mean by "cloned". It is trivial to spoof a mac address.


Or an IP address on the same ethernet link.

[...]

As for your syntax, that looks correct.


I think the -s option expects a source address or address range.

Reply to:

Follow-Ups:
- Re: iptables by mac
  - From: Adorean Alexandru Raul <araul@adonet.ro>

References:
- iptables by mac
  - From: "Luis" <itachi@cnt.uo.edu.cu>
- RE: iptables by mac
  - From: "Luis" <itachi@cnt.uo.edu.cu>
- Re: iptables by mac
  - From: "Daniel Givens" <daniel@rugmonster.org>

Prev by Date: Re: iptables by mac
Next by Date: Re: Skipe - iptables
Previous by thread: Re: iptables by mac
Next by thread: Re: iptables by mac
Index(es):
- Date
- Thread