On Monday 17 November 2003 2:55 pm, curlybraces@xxxxxxxxxxxx wrote:
> hi all
>
> can some body tell me how to block all mac addresses in the same network
> via iptables ...............!!!!!
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -F INPUT
iptables -F FORWARD
will block all mac addresses :)
> but don't ask why ...ok
Okay, I guess the above is not the solution you were looking for, however
without further explanation of exactly what you mean by "block all mac
addresses in the same network", I can only suggest the following:
iptables -I FORWARD -m mac --mac-source aa:bb:cc:dd:ee:ff -j DROP
Replace FORWARD with INPUT if you want to block packets coming into the
netfilter machine rather than those being routed through it; repeat this rule
for each mac address you want to block. If you really do want to block
*all* mac addresses, then simply DROP all packets - no need to look at the
mac address if you want to block them all.
Antony.
--
Nostaliga is not what it used to be.
Please reply to the list;
please don't CC me.
