Re: MAC filtering - Gustavo Castro Puig

netfilter.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: "Gustavo Castro Puig" <gcastro@gcp.com.uy>
To: netfilter@lists.netfilter.org
Subject: Re: MAC filtering
Date: Wed, 29 Jun 2005 12:58:07 -0300 (UYT)	[thread overview]
Message-ID: <36457.200.125.10.62.1120060687.squirrel@webmail.gcp.com.uy> (raw)
In-Reply-To: <3f96f433f945f0.3f945f03f96f43@vsnl.net>

Varun:

  I suggest you to check a project called "ebtables". May be of interest
to you: http://ebtables.sourceforge.net/
  Anyway, I think you can do this to disable all other MAC addresses:

  iptables -A FORWARD -m mac --mac-source ff:ff:ff:ff:ff:ff -j ACCEPT
  iptables -A FORWARD -m mac --mac-source ! ff:ff:ff:ff:ff:ff -j DROP

  But if you want to allow more MAC, then you may need to write a custom
chain and pass all that MAC into it.
  I hope this help you.

> Hello,
>       To allow a particular MAC, I plan use the rule
> as sugested in my previous post :
>
> iptables -A FORWARD -m mac --mac-source ff:ff:ff:ff:ff:ff -j ACCEPT.
>
> Now how do you block all other MAC addresses in the first place.
> How to write a rule for that ?
>
> Thanks
>
> Varun
>
>
>

Saludos,
     Gustavo Castro Puig.
     E-Mail: gcastro@gcp.com.uy

LPI Level-1 Certified (https://www.lpi.org/es/verify.html
LPID:LPI000042304 Verification Code: hp6re8w5qg )
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS/CM/IT/ED dx s-:- a? C(+++)$ UL++++*$ P+ L++++(++)$ E--- W+++$ N+ o?
K- w O M V-- PS PE++(-) Y-(+) PGP+ t(++) 5+ X++ R tv+ b++(++++) DI+++
D++ G++ e++ h--- r y+++
------END GEEK CODE BLOCK------
Registered Linux User #69342

next prev parent reply	other threads:[~2005-06-29 15:58 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-06-29 11:56 MAC filtering varun_saa
2005-06-29 15:58 ` Gustavo Castro Puig [this message]
2005-06-29 20:30 ` /dev/rob0
  -- strict thread matches above, loose matches on Subject: below --
2010-04-21  3:55 mac filtering ratheesh k
2010-04-21  5:54 ` Marek Kierdelewicz
2010-04-21  7:49 ` Lars Nooden
2004-01-14 23:58 MAC Filtering Gopal Chandavarapu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=36457.200.125.10.62.1120060687.squirrel@webmail.gcp.com.uy \
    --to=gcastro@gcp.com.uy \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).