From: "HareRam" <hareram@sol.net.in>
To: netfilter@lists.samba.org
Subject: IPTABLES NewBie
Date: Thu, 12 Sep 2002 17:01:20 +0530 [thread overview]
Message-ID: <052701c25a4f$eb00a740$7cfcc5cb@humanpc> (raw)
In-Reply-To: 200209121022.g8CAMTv09831@vulcan.rissington.net
Hi all
iam using Redhat 7.2 with Iptable 1.2.4 upgraded
and patched with p-o-m
now my application is allow only register mac Address and rest all drop
i am having home based network
ever customer have give specific address, since they have regiter only one
PC for Browsing
he should get only for that PC,, they are using Winproxy and consuming lot
of bandwidth
can i have small example how do i enable only register MAC to allow all
Services
rest all should deny directly
right now iam using like this script
iam forwarding all the 80 port traffic to squid cache server
m=modprobe
$m ip_conntrack_ftp
$m ip_conntrack_irc
$m ip_conntrack
$m ip_nat_ftp
$m ip_nat_irc
$m ip_queue
$m iptable_filter
$m iptable_mangle
$m iptable_nat
$m ip_tables
$m ipt_limit
$m ipt_LOG
$m ipt_mac
$m ipt_mark
$m ipt_MARK
$m ipt_MASQUERADE
$m ipt_MIRROR
$m ipt_multiport
$m ipt_owner
$m ipt_REDIRECT
$m ipt_REJECT
$m ipt_state
$m ipt_tcpmss
$m ipt_TCPMSS
$m ipt_tos
$m ipt_TOS
$m ipt_unclean
/sbin/iptables -F
/sbin/iptables -F -t nat
/sbin/iptables -t nat -A PREROUTING -s 192.168.20.0/24 -p tcp --dport 80 -j
REDIRECT --to-port 3129
/sbin/iptables -t nat -A PREROUTING -s 192.168.3.0/24 -p tcp --dport 80 -j
REDIRECT --to-port 3129
/sbin/iptables -t nat -A POSTROUTING -s 192.168.20.0/24 -o eth0 -j
MASQUERADE
/sbin/iptables -t nat -A POSTROUTING -s 192.168.3.0/24 -o eth0 -j MASQUERADE
suggest me how do i have sample to add, to deny un authorised MAC address
thanks in advance
hare
next prev parent reply other threads:[~2002-09-12 11:31 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-09-12 7:05 binding nntp to one interface Rasmus Reinholdt Nielsen
2002-09-12 9:15 ` Anders Fugmann
2002-09-12 10:22 ` Antony Stone
2002-09-12 11:31 ` HareRam [this message]
2002-09-12 13:54 ` IPTABLES NewBie Antony Stone
2002-09-14 9:23 ` NAT and NAT HareRam
[not found] ` <5.1.0.14.2.20020912131043.02711d58@of23sm3>
2002-09-12 11:51 ` binding nntp to one interface Anders Fugmann
2002-09-12 11:55 ` Rasmus Reinholdt Nielsen
-- strict thread matches above, loose matches on Subject: below --
2003-09-11 13:41 iptables newbie ads nat
2003-09-11 14:28 ` Pascal Vilarem
2003-12-27 13:31 Johan Cimen
2003-12-27 14:50 ` John A. Sullivan III
2003-12-27 17:05 ` Johan Cimen
2003-12-27 19:09 ` Iced Tea
2003-12-27 19:16 ` Johan Cimen
2003-12-28 1:53 ` Mark E. Donaldson
2003-12-27 21:26 ` Johan Cimen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='052701c25a4f$eb00a740$7cfcc5cb@humanpc' \
--to=hareram@sol.net.in \
--cc=netfilter@lists.samba.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox