Re: Can iptables manager source mac address?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Yes, you can use iptables to validate the mac address, try this:

iptables -A INPUT -m mac --mac-source 00:05:69:00:04:BA -j ACCEPT

or

iptables -A INPUT -m mac --mac-source ! 00:05:69:00:04:BA -j DROP

you get the idea
Hope this helps
John


At 06:21 PM 4/19/2003 +0800, NetSnake wrote: 
  I use iptables to nat to internet, but I found some user use a proxy
on intranet, like, 192.168.0.5 can access to internet, 192.168.0.10 can
not access to internet, now 10 access a proxy on 192.168.0.5, then he
can access now, I thought in package from 192.168.0.5 must contant some
information about proxy, like source mac address, this can help me to
identified users, can iptables do this?

Thanks.


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux