Hello,

Put simply, this is because netfilter works at the IP layer.

----- Original Message -----
> Hi,
>
> I suppose it is because you do NOT know the destination MAC address. The
> dest MAC address is found out first when the packets get out of iptables and
> go to the NIC. Besides - you cannot find out the MAC address of the host
> that is reachable over i.e. 3 hops. Recall the OSI layer system and it
> should be clear.
>
> I think I am not wrong here. If so, please correct me.
>
> Regards,
>
> Edvin Seferovic
>
> -----Original Message-----
> From: netfilter-bounces@xxxxxxxxxxxxxxxxxxx
> [mailto:netfilter-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Thomas Turquois
> Sent: Thursday, 28 April 2005 11:40
> To: netfilter@xxxxxxxxxxxxxxxxxxx
> Subject: iptables mac destination filtering
>
> Hi,
>
> I would like to know why it's not possible to filter on mac destination
> address with iptables.
>
> Thanks.