Hi, I suppose it is because you do NOT know the destination MAC address. The dest MAC address is found out first when the packets get out of iptables and go to the NIC. Besides - you cannot find out the MAC address of the host that is reachable over i.e. 3 hops. Recall the OSI layer system and it should be clear. I think I am not wrong here. If so, please correct me. Regards, Edvin Seferovic -----Original Message----- From: netfilter-bounces@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Thomas Turquois Sent: Donnerstag, 28. April 2005 11:40 To: netfilter@xxxxxxxxxxxxxxxxxxx Subject: iptables mac destination filtering Hi, I would like to know why it's not possible to filter on mac destination address with iptables. Thanks.
