* [LARTC] arptables in kernel 2.4
@ 2003-07-22 21:52 Evgeni Gechev
0 siblings, 0 replies; only message in thread
From: Evgeni Gechev @ 2003-07-22 21:52 UTC (permalink / raw)
To: lartc
Is it not fully implemented, or I'm wrong somewhere?
I'm trying to make a filter based on the MAC address, but have no success.
Using iptables with the mac extension works, but only for the IP. But I want
to filter other protocols (0x8863 and 0x8864 - PPPOE). So I can't use
iptables.
I tried arptables - no errors when creating chains (kernel 2.4.21), but there
are only some occasional matches, and honestly said, I'm not sure till now
when they occur (which packets are matched). Next week I'll try kernel 2.5.75
(2.6.0-test1 is too buggy:)), but have no time now, since it could be done
only on a different PC. Can somebody clear the situation?
~# arptables -A INPUT --source-mac XX:XX:XX:XX:XX:XX -j DROP
~# arptables -L -nvx
Chain INPUT (policy ACCEPT 57158 packets, 1600K bytes)
-j DROP -i * -o * --src-mac XX:XX:XX:XX:XX:XX , pcntD -- bcnt\x1232
Chain OUTPUT (policy ACCEPT 27359 packets, 766K bytes)
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2003-07-22 21:52 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-07-22 21:52 [LARTC] arptables in kernel 2.4 Evgeni Gechev
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.