Le mardi 14 mars 2006 à 08:19 +0200, Steve Comfort a écrit : > mac.allow is a file we create containing permitted MAC addresses. The > above was just a snippet, I have the same rule in place for the > FORWARD chain. OK. Then what I would do is check with an iptables -L -v rules counters to verify if thoses rules actually match. And if they don't, try to figure out why. Maybe you have one prior rule that allows all packets, bypassing this part of the ruleset. On the other end, I would do a mac.allow file, and put a DROP policy so you'll never see anything go through until you get the right MAC, and the right ruleset ;) Maybe another "customer request" ? > Yeah, I know. Customer requirement unfortunately. Customers... -- http://sid.rstack.org/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE >> Hi! I'm your friendly neighbourhood signature virus. >> Copy me to your signature file and help me spread!
