On Fri, November 18, 2005 10:15, Brent Clark wrote:
> Hi all
>
> I just added this to my FW
>
> $IPT -t nat -A PREROUTING -i eth0 -p tcp -s 1.2.3.4 -m mac
> --mac-source 00:00:21:41:59:e6:00:13:80:9d:38:82:08:00
> --dport 3389 -j DNAT --to 192.168.111.124:3389
> $IPT -t filter -A FORWARD -i eth0 -p tcp -s 1.2.3.4 -m mac
> --mac-source 00:00:21:41:59:e6:00:13:80:9d:38:82:08:00
> --dport 3389 -d 192.168.111.124 -j ACCEPT
>
> And I keep getting this message
>
> iptables v1.3.3: Bad mac address
> `00:00:21:41:59:e6:00:13:80:9d:38:82:08:00'
>
> I did a check on the message logs, and I see this in the line for MAC
> address, the and line matches
>
> [INPUT ]: IN=eth0 OUT= MAC=00:00:21:41:59:e6:00:13:80:9d:38:82:08:00
>
> If someone would be so kind as to help me understand this, I would be
> most grateful.

http://www.google.com/search?q=iptables+log+mac

Leads to this:
http://lists.debian.org/debian-user/2000/10/msg00107.html

[quote]
The MAC= field is read as dst-mac:src-mac:08:00. I don't know what the
last 2 bytes mean.
[/quote]

So, it would be something like:

$IPT -t nat -A PREROUTING -i eth0 -p tcp -s 1.2.3.4 -m mac \
  --mac-source 00:13:80:9d:38:82 --dport 3389 \
  -j DNAT --to 192.168.111.124:3389

> Is it possible to get the mac address for a mac on the internet, line
> above I thought I could use this.

Only those that are on your physical network segment, which would
typically not be many.

Gr,
Rob
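
Added example, not part of the original message and not code from the iptables project: a small shell helper that splits the MAC= field of a LOG line into the destination MAC, the source MAC and the trailing two bytes, which on Ethernet are the EtherType (0x0800 is IPv4), and prints the value that --mac-source accepts. The function names are hypothetical, and the sample line is built from the log excerpt quoted above with a constructed SRC= suffix.

```shell
#!/bin/sh
# On Ethernet the LOG target dumps the 14-byte link-layer header:
#   6 bytes destination MAC, 6 bytes source MAC, 2 bytes EtherType.
# Other link types produce a different length and are rejected here.

# Constructed sample based on the log line quoted in the thread.
SAMPLE_LOG='[INPUT ]: IN=eth0 OUT= MAC=00:00:21:41:59:e6:00:13:80:9d:38:82:08:00 SRC=1.2.3.4'

# Print the raw MAC= value; return 1 if it is missing or not 14 hex octets.
log_mac_field() {
    field=$(printf '%s\n' "$1" | sed -n 's/.*MAC=\([0-9A-Fa-f:]*\).*/\1/p')
    printf '%s\n' "$field" |
        grep -Eq '^([0-9A-Fa-f]{2}:){13}[0-9A-Fa-f]{2}$' || return 1
    printf '%s\n' "$field"
}

# Octets 1-6: destination MAC (the firewall's own interface on INPUT).
log_dst_mac() {
    f=$(log_mac_field "$1") || return 1
    printf '%s\n' "$f" | cut -d: -f1-6
}

# Octets 7-12: source MAC, the only part the mac match can test.
log_src_mac() {
    f=$(log_mac_field "$1") || return 1
    printf '%s\n' "$f" | cut -d: -f7-12
}

# Octets 13-14: EtherType, printed as 0xNNNN.
log_ethertype() {
    f=$(log_mac_field "$1") || return 1
    printf '0x%s\n' "$(printf '%s\n' "$f" | cut -d: -f13-14 | tr -d ':')"
}

# Emit the match arguments for a rule, e.g. "-m mac --mac-source <src>".
mac_match_args() {
    src=$(log_src_mac "$1") || return 1
    printf '%s\n' "-m mac --mac-source $src"
}

mac_match_args "$SAMPLE_LOG"
```

The source MAC seen here is that of the last hop on the local segment, so for traffic arriving from the internet it identifies the upstream router rather than the remote host.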