From: Michael Thompson <mike@thompsonmike.co.uk>
To: netfilter@lists.netfilter.org
Subject: Re: Filtering on MAC Addresses
Date: Fri, 04 Feb 2005 15:04:45 +0000
Message-ID: <42038F0D.6010409@thompsonmike.co.uk>
In-Reply-To: <42038855.8050709@mnemon.de>

Jörg Harmuth wrote:

> Hmm, all I can say is that filtering based on MAC address works. Don't
> worry about the MAC iptables uses, that's normal:
> 
> 00:09:5b:1b:52:77 is the MAC of the incoming interface
> 00:10:5a:14:50:db is the MAC of the sending interface
> 08:00 is the transport protocol (IP)

That's what I thought it was all about, however it is not matching the 
sending MAC address.

Feb  4 13:53:00 polaris IN=eth0 OUT= 
MAC=00:09:5b:1b:52:77:00:10:5a:14:50:db:08:00 SRC=192.168.1.14 
DST=192.168.1.1 LEN=92 TOS=0x00 PREC=0x00 TTL=128 ID=17305 DF PROTO=TCP 
SPT=1085 DPT=22 WINDOW=65067 RES=0x00 ACK PSH URGP=0

It gets blocked here, seemingly ignoring the rule.


> 
> Looking at your rule I have two ideas. Seems that the rule is placed
> in a chain you created, so maybe you simply forgot to call the chain
> from the INPUT (or PREROUTING or FORWARD) chain.

It is called from both the input chain and forward chains.

> Or maybe there is a
> rule that the packet hits before the MAC rule. You can test if it
> works basically like so:

It is the first rule in the chain.

> 
> iptables -I INPUT 1 -i $IFACE -m mac --mac-source 00:10:5a:14:50:db -j
> LOG --log-prefix "MAC match: "
> 

Already logging it all.

> or similar. Good luck.

Many thanks for your help!

Mike
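
The MAC= layout described in the quoted reply (destination MAC, source MAC, EtherType), as an added example that is not part of the original message: a small Python parser that splits the field from a LOG line and checks which address a `--mac-source` rule would be compared against. The function names are hypothetical and the sample line is the log entry above joined onto one line.

```python
import re

# Constructed sample: the log entry from the message, joined onto one line.
SAMPLE = ("Feb  4 13:53:00 polaris IN=eth0 OUT= "
          "MAC=00:09:5b:1b:52:77:00:10:5a:14:50:db:08:00 SRC=192.168.1.14 "
          "DST=192.168.1.1 LEN=92 TOS=0x00 PREC=0x00 TTL=128 ID=17305 DF "
          "PROTO=TCP SPT=1085 DPT=22 WINDOW=65067 RES=0x00 ACK PSH URGP=0")


def parse_log_fields(line):
    """Return the KEY=value tokens of a LOG line as a dict.

    Bare flags such as DF, ACK and PSH carry no '=' and are skipped.
    """
    return dict(m.groups() for m in re.finditer(r"\b([A-Z]+)=(\S*)", line))


def split_mac_field(mac_field):
    """Split an Ethernet MAC= field into (dst_mac, src_mac, ethertype)."""
    octets = mac_field.lower().split(":")
    valid = all(re.fullmatch(r"[0-9a-f]{2}", o) for o in octets)
    if len(octets) != 14 or not valid:
        # Other link types log a header of a different length.
        raise ValueError("not a 14-byte Ethernet header: %r" % mac_field)
    return ":".join(octets[:6]), ":".join(octets[6:12]), "".join(octets[12:])


def mac_source_matches(line, rule_mac):
    """True if the logged frame's source MAC equals the --mac-source value."""
    fields = parse_log_fields(line)
    if not fields.get("MAC"):
        return False  # empty MAC=: no link-layer header was logged
    _, src, _ = split_mac_field(fields["MAC"])
    return src == rule_mac.lower()


if __name__ == "__main__":
    dst, src, ethertype = split_mac_field(parse_log_fields(SAMPLE)["MAC"])
    print("dst (receiving interface):", dst)
    print("src (sending host):       ", src)
    print("ethertype:                 0x" + ethertype)
    print("rule would match:", mac_source_matches(SAMPLE, "00:10:5a:14:50:db"))
```
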

