Is it not fully implemented, or I'm wrong somewhere? I'm trying to make a filter based on the MAC address, but have no success. Using iptables with the mac extension works, but only for the IP. But I want to filter other protocols (0x8863 and 0x8864 - PPPOE). So I can't use iptables. I tried arptables - no errors when creating chains (kernel 2.4.21), but there are only some occasional matches, and honestly said, I'm not sure till now when they occur (which packets are matched). Next week I'll try kernel 2.5.75 (2.6.0-test1 is too buggy:)), but have no time now, since it could be done only on a different PC. Can somebody clear the situation? ~# arptables -A INPUT --source-mac XX:XX:XX:XX:XX:XX -j DROP ~# arptables -L -nvx Chain INPUT (policy ACCEPT 57158 packets, 1600K bytes) -j DROP -i * -o * --src-mac XX:XX:XX:XX:XX:XX , pcnt=44 -- bcnt=1232 Chain OUTPUT (policy ACCEPT 27359 packets, 766K bytes)
