hello,
just reporting a funny one:
One of our clients was trying to use a VOIP application through a linux
gateway (iptables-1.2.3). The client had a MAC address of a:b:c:d:e:f and an
IP address of 1.2.3.4
When I used this rule on the gateway (FORWARD policy DROP):
iptables -A INPUT -i eth1 -m mac --mac a:b:c:d:e:f -j ACCEPT
- the client could not establish an audio channel to his VOIP
server
But when I used this line:
iptables -A INPUT -i eth1 -s 1.2.3.4 -j ACCEPT
- he could make calls fine.
Just in case anyone runs over this in future. It was unexpected, to say the
least. As far as I understand it, both lines should have worked.
Gavin
