Re: block dhcp service based on mac


 



On Tue, May 30, 2006 at 03:08:45PM +0200, Sietse van Zanen wrote:
> 1. With iptables -I you would usually need to specify a rule number where to insert your new rule. Instead use iptables -A to add the rule to the end of the chain.
>  
> 2. I see 2 different MAC addresses for 1 machine? You 100% sure that's ok and that the machine in question uses these two MAC's and they are not from other machines?
>  
> 3. Post the output of iptables -L (-nv).
>  
> -Sietse
> 
> ________________________________
> 
> From: netfilter-bounces@xxxxxxxxxxxxxxxxxxx on behalf of System Admin
> Sent: Tue 30-May-06 7:36
> To: netfilter@xxxxxxxxxxxxxxxxxxx
> Subject: block dhcp service based on mac
> 
> 
> 
> hello all
> 
> I have a dhcp server and I want to block a particular mac address (that
> pc is virus infected) from using my dhcp service so that it will not get
> any valid ip address.
> 
> for that i have used
> 
> /sbin/iptables -I INPUT -i eth2 -p all -m mac --mac-source
> 00:02:E3:34:EA:77 -j DROP
> 
> or
> 
> /sbin/iptables -I INPUT -i eth2 -p udp --dport 67:68 -m mac --mac-source
> 00:05:5D:4A:8A:3B -j DROP

I think this has more to do with the way that dhcp-server listens on the
network. You would be better off configuring the dhcp server to not
listen to that mac, or give it a silly address like 127.254.254.254 !

> 
> while the iptables rule match count does increase, the pc is still
> getting an ip address from my dhcp server, which is seen from the dhcpd log file.
> 
> does the packet go to the dhcp service before going to the iptables stack?
> I am using redhat 9 with dhcp-3.0pl1-23 dhcp server.
> 
> Thank you
> 

Attachment: signature.asc
Description: Digital signature
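An added dhcpd.conf fragment (not from the thread; the subnet and host name are made up) showing the reply's suggestion of refusing the client inside dhcpd itself. ISC dhcpd exchanges DHCP through a packet socket bound to the interface, so the copy of each frame it acts on never passes the INPUT chain; the iptables rule only drops the copy headed into the IP stack, which is why the counters rise while leases are still handed out.

```conf
# Constructed example: a normal pool for the segment behind eth2.
subnet 192.168.10.0 netmask 255.255.255.0 {
    range 192.168.10.100 192.168.10.200;
    option routers 192.168.10.1;
    default-lease-time 600;
    max-lease-time 7200;
}

# Refuse the infected machine by hardware address. "deny booting" is a
# per-host flag in dhcpd.conf(5): dhcpd logs the request and sends no
# offer. Use "ignore booting" instead to drop it without a log entry.
host infected-pc {
    hardware ethernet 00:02:e3:34:ea:77;
    deny booting;
}
```

After editing, reload dhcpd and confirm in its log that requests from that MAC no longer produce a DHCPOFFER or DHCPACK.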

