On Sat, 4 Sep 2004 05:19:39 -0700 (PDT), Sorin Capra wrote > $ipt -t filter -N computer1 >/dev/null 2>&1 > $ipt -t filter -N computer2 >/dev/null 2>&1 > $ipt -t filter -N computer3 >/dev/null 2>&1 > $ipt -t filter -N computer4 >/dev/null 2>&1 > $ipt -t filter -N computer5 >/dev/null 2>&1 > > $ipt -A FORWARD -s 192.168.10.2 -j computer1 > $ipt -A FORWARD -s 192.168.10.3 -j computer2 > $ipt -A FORWARD -s 192.168.10.4 -j computer3 > $ipt -A FORWARD -s 192.168.10.5 -j computer4 > $ipt -A FORWARD -s 192.168.10.6 -j computer5 > > $ipt -A computer1 -m mac --mac-source 00:c0:df:f7:7c:3b -j ACCEPT > $ipt -A computer2 -m mac --mac-source 00:06:4f:0f:3b:c1 -j ACCEPT > $ipt -A computer3 -m mac --mac-source 00:0c:6e:90:39:6a -j ACCEPT > $ipt -A computer4 -m mac --mac-source 00:90:27:5f:5e:78 -j ACCEPT > $ipt -A computer5 -m mac --mac-source 00:90:27:9b:3c:a2 -j ACCEPT > > $ipt -A POSTROUTING -t nat -s 192.168.10.2 -j MASQUERADE > $ipt -A POSTROUTING -t nat -s 192.168.10.3 -j MASQUERADE > $ipt -A POSTROUTING -t nat -s 192.168.10.4 -j MASQUERADE > $ipt -A POSTROUTING -t nat -s 192.168.10.5 -j MASQUERADE > $ipt -A POSTROUTING -t nat -s 192.168.10.6 -j MASQUERADE > > #$ipt -P FORWARD DROP > -------------------- Use mac source match in chain PREROUTING of nat table. Additionalny tests will be working for first packets of connections (less load). >Thank you in advance, >Sorin Bests, Tomasz Chilinski _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
