Varun: I suggest you to check a project called "ebtables". May be of interest to you: http://ebtables.sourceforge.net/ Anyway, I think you can do this to disable all other MAC addresses: iptables -A FORWARD -m mac --mac-source ff:ff:ff:ff:ff:ff -j ACCEPT iptables -A FORWARD -m mac --mac-source ! ff:ff:ff:ff:ff:ff -j DROP But if you want to allow more MAC, then you may need to write a custom chain and pass all that MAC into it. I hope this help you. > Hello, > To allow a particular MAC, I plan use the rule > as sugested in my previous post : > > iptables -A FORWARD -m mac --mac-source ff:ff:ff:ff:ff:ff -j ACCEPT. > > Now how do you block all other MAC addresses in the first place. > How to write a rule for that ? > > Thanks > > Varun > > > Saludos, Gustavo Castro Puig. E-Mail: gcastro@xxxxxxxxxx LPI Level-1 Certified (https://www.lpi.org/es/verify.html LPID:LPI000042304 Verification Code: hp6re8w5qg ) -----BEGIN GEEK CODE BLOCK----- Version: 3.12 GCS/CM/IT/ED dx s-:- a? C(+++)$ UL++++*$ P+ L++++(++)$ E--- W+++$ N+ o? K- w O M V-- PS PE++(-) Y-(+) PGP+ t(++) 5+ X++ R tv+ b++(++++) DI+++ D++ G++ e++ h--- r y+++ ------END GEEK CODE BLOCK------ Registered Linux User #69342
