DROP All MACs

DROP All MACs

[curlybraces]

hi all

can some body tell me how to block all mac addresses in the same network
via iptables ...............!!!!!

but don't ask why ...ok

thanx

Re: DROP All MACs

[Antony Stone]

On Monday 17 November 2003 2:55 pm, curlybraces@dialogsl.net wrote:

> hi all
>
> can some body tell me how to block all mac addresses in the same network
> via iptables ...............!!!!!

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -F INPUT
iptables -F FORWARD

will block all mac addresses :)

> but don't ask why ...ok

Okay, I guess the above is not the solution you were looking for, however 
without further explanation of exactly what you mean by "block all mac 
addresses in the same network", I can only suggest the following:

iptables -I FORWARD -m mac --mac-source aa:bb:cc:dd:ee:ff -j DROP

Replace FORWARD with INPUT if you want to block packets coming into the 
netfilter machine rather than those being routed through it; repeat this rule 
for each mac address you want to block.   If you really do want to block 
*all* mac addresses, then simply DROP all packets - no need to look at the 
mac address if you want to block them all.

Antony.

-- 

Nostaliga is not what it used to be.

                                                     Please reply to the list;
                                                           please don't CC me.