Ok .. thanks, is it also impossible to read a textfile thru iptables? ..please confirm

TIA

Winanjaya

----- Original Message -----
From: "Ruben Cardenal" <ruben@xxxxxxxx>
To: <netfilter@xxxxxxxxxxxxxxxxxxx>
Sent: Wednesday, October 05, 2005 12:23 PM
Subject: RE: IP and MAC Address check

> Hi,
>
> > what I need is to configure iptables to read maclist file when there is
> > incoming traffic from the IP address 172.16.2.241 to 172.16.2.250 ..if the
> > MAC Address listed then the traffic will be allowed otherwise the traffic
> > will be dropped or rejected..
>
> That's what you were shown to implement.
>
> > > while read mac; do
> > >   iptables -A INPUT -m mac --mac-source $mac -m iprange --src-range \
> > >     172.16.2.241-172.16.2.250 -j ACCEPT
> > > done < /path/to/maclist
> > > iptables -A INPUT -m iprange --src-range 172.16.2.241-172.16.2.250 -j DROP
>
> You can't create "conditional" rules with iptables, you only create the
> rules you need, and if such condition ever exists, the rule will be applied.
> If it never does, the rule will never be applied.
>
> -Ruben
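The approach in the quoted reply, rules generated from the file ahead of time because iptables does not read it when matching packets, as an added example that is not part of the original messages. The chain name `MACCHECK` and the list format (one MAC per line, `#` comments) are assumptions; the address range is the one from the thread.

```shell
#!/bin/sh
# Added example, not code from the thread: build iptables-restore input
# for a dedicated chain from a MAC list, validating every entry first.
# Assumed: chain name MACCHECK; list has one MAC per line, '#' comments.
CHAIN="MACCHECK"

# True only for six colon-separated hex octets, so no other text from the
# file can end up as an iptables argument.
valid_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# stdin: MAC list. stdout: ruleset. Malformed entries go to stderr, skipped.
build_ruleset() {
    printf '%s\n' "*filter" ":$CHAIN - [0:0]"
    while IFS= read -r line || [ -n "$line" ]; do
        # Strip comments, whitespace and CRs; normalise to upper case.
        mac=$(printf '%s' "$line" | sed 's/#.*//' | tr -d ' \t\r' | tr 'a-f' 'A-F')
        [ -z "$mac" ] && continue
        if valid_mac "$mac"; then
            printf '%s\n' "-A $CHAIN -m mac --mac-source $mac -j ACCEPT"
        else
            printf '%s\n' "skipping malformed entry: $line" >&2
        fi
    done
    # Anything from the range that is not listed falls through to DROP.
    printf '%s\n' "-A $CHAIN -j DROP" "COMMIT"
}

# Load (creates or refills the chain in one commit), then hook it once:
#   build_ruleset < /path/to/maclist | iptables-restore --noflush
#   iptables -A INPUT -m iprange --src-range 172.16.2.241-172.16.2.250 -j MACCHECK
# Re-run only the first command whenever the list changes.

# Constructed sample list; prints the ruleset without touching netfilter.
build_ruleset <<'EOF'
# lab machines
00:11:22:33:44:55
aa:bb:cc:dd:ee:ff   # laptop
00:11:22:33:44      # truncated, skipped
EOF
```

Because the list is only read when the ruleset is built, an edit to the file has no effect until the load command is run again.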