Le ven 01/08/2003 à 11:15, George Vieira a écrit : > Hey, don't forget.. the firewall will only see the MAC of the routers (from > experience) unless the routers pass the MAC address across when routed... > but AFAIK they don't.. so -m mac is useless in this scenario... True, I focused on source MAC filtering and forgot to have a more attentive look at the network drawing. My mistake. > internet--router---firewall---router---clients Using this architecture, clients MAC address won't be visible from firewall. Routeur's one will be the only one visible. -- http://www.netexit.com/~sid/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
