[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: iptables: identify host with DSL/Fritzbox

This one time, at band camp, Sebastian Rose said:
> Unfortunately a rule like
> iptable -I MYCHAIN 1 -i eth+ -m mac --mac-source 00:03:6a:a7:cf:01 -j ACCEPT
> does not work, since my MAC address is not the one which reaches the
> server, right?

Correct, it will see the MAC address of the switch or router that is the
server's next hop.

> I have the usual DSL access to the internet here:
>   my_PC  --->  Fritzbox  --->  Internet --->  Server
> which means I have a new IP all 24 hours.
> Is there a way to identify my PC for iptables?

If your IP address is static, just add it in the usual way.  I'm
assuming that it's dynamic, or you wouldn't be asking, though :)

I'd do something like tracking your current IP address with a state
file by looking it up every time you are about to change something -
you delete the entry that was in the state file, add the entry from DNS
now, and then add the current IP to the state file.  This relies on you
setting up something like dyndns to work.

|   ,''`.                                            Stephen Gran |
|  : :' :                                        sgran@debian.org |
|  `. `'                        Debian user, admin, and developer |
|    `-                                     http://www.debian.org |

Attachment: signature.asc
Description: Digital signature

Reply to: