Re: iptables MAC addresses

To: debian-isp <debian-isp@lists.debian.org>
Subject: Re: iptables MAC addresses
From: "Jim Popovitch" <yahoo@jimpop.com>
Date: Mon, 25 Aug 2008 16:50:17 -0400
Message-id: <[🔎] 7ff145960808251350w338829ebp99ef121242f5155a@mail.gmail.com>
In-reply-to: <[🔎] d06f0d320808251302y35a8bd08j4a9b28d975a78369@mail.gmail.com>
References: <[🔎] 7ff145960808251246k4706d8ebwbcca6062ee63613c@mail.gmail.com> <[🔎] d06f0d320808251302y35a8bd08j4a9b28d975a78369@mail.gmail.com>

On Mon, Aug 25, 2008 at 4:02 PM, Stefano Cislaghi <s.cislaghi@gmail.com> wrote:
> 2008/8/25 Jim Popovitch <yahoo@jimpop.com>:
>> Hi,
>>
>> I'm using iptables -j LOG to log blocked/throttled connections.  These
>> log entries contain the source and destination MAC addresses... which
>> will always be the MAC addrs of the single apache box and it's
>> upstream switch. ;-)   Is there any way to tell iptables to *not* log
>> MAC addresses?
>
> You should use argv:
>
>  --mac-source !address

:-)  Perhaps I wasn't clear enough.  I do want the log entries... I
just don't want the log entries to contain the MAC addresses (which
are useless to me because they are the same regardless of where the IP
traffic.   The host has 1 interface attached to an upstream Foundry,
so the MACs will always be the same.

-Jim P.

Reply to:

Follow-Ups:
- Re: iptables MAC addresses
  - From: "Ing. Otto Marroquin" <otto@celera.net>
- Re: iptables MAC addresses
  - From: Michael Loftis <mloftis@modwest.com>
- Re: iptables MAC addresses
  - From: Phil Dyer <phil@pdyer.net>

References:
- iptables MAC addresses
  - From: "Jim Popovitch" <yahoo@jimpop.com>
- Re: iptables MAC addresses
  - From: "Stefano Cislaghi" <s.cislaghi@gmail.com>

Prev by Date: Re: iptables MAC addresses
Next by Date: Jabber Server
Previous by thread: Re: iptables MAC addresses
Next by thread: Re: iptables MAC addresses
Index(es):
- Date
- Thread