Hi, > what I need is to configure iptables to read maclist file when there is > incoming trafic from the IP address 172.16.2.241 to 172.16.2.250 ..if the > MAC Address listed then the traffic will allowed otherwise the traffic > will > be dropped or rejected.. That's were you were showed to implement. > > while read mac; do > > iptables -A INPUT -m mac --mac-source $mac -m iprange --src-range \ > > 172.16.2.241-172.16.2.250 -j ACCEPT > > done < /path/to/maclist > > iptables -A INPUT -m iprange --src-range 172.16.2.241-172.16.2.250 -j > DROP You can't create "condicional" rules with iptables, you only create the rules you need, and if such condition ever exists, the rule will be applied. If it never does, the rule will never be applied. -Ruben
