Re: mac filtering


 



Hi,

> 
>I have a client machine (say A) connected to a Linux router. I
>can browse the internet without any problem.
>In the router, I can configure MAC address filters. If I configure A's
>MAC address should be disabled, A cannot access the router itself?
>Question: What exactly does MAC address filter mean? Disabling router
>access or disabling internet access?

If you add the following rule, you'll block access to the internet, not
to the router:
iptables -A FORWARD -m mac --mac-source xx:xx:xx:xx:xx:xx -j DROP

This rule will block access to the router without affecting access to
the internet:
iptables -A INPUT -m mac --mac-source xx:xx:xx:xx:xx:xx -j DROP

You can find a nice diagram representing packet flow in netfilter here
(focus on the green background if you're only routing, not bridging):
http://www.imagestream.com/~josh/PacketFlow.gif

Best regards,
Marek
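
The FORWARD/INPUT distinction from the reply above, as an added example that is not part of the original post: a shell helper that validates a MAC address and prints, without running them, idempotent iptables commands for the chosen scope. The function names, the scope names (internet, router, both) and the sample MAC are assumptions made up for this example.

```shell
#!/bin/sh
# Added example: print (do not execute) iptables commands that block one
# client MAC. Function and scope names are hypothetical, not from the post.

# Succeed only for six colon-separated hex octets, so no other text can
# reach the iptables command line.
valid_mac() {
    case $1 in
        ''|*[!0-9A-Fa-f:]*) return 1 ;;   # also rejects spaces and newlines
    esac
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# mac_block_rules MAC SCOPE
#   internet -> FORWARD  (traffic routed through the box)
#   router   -> INPUT    (traffic addressed to the box itself)
#   both     -> FORWARD and INPUT
mac_block_rules() {
    mac=$1
    scope=$2
    valid_mac "$mac" || { echo "invalid MAC address" >&2; return 1; }
    case $scope in
        internet) chains="FORWARD" ;;
        router)   chains="INPUT" ;;
        both)     chains="FORWARD INPUT" ;;
        *) echo "scope must be internet, router or both" >&2; return 1 ;;
    esac
    for chain in $chains; do
        match="-m mac --mac-source $mac -j DROP"
        # -C tests whether the rule already exists, so a re-run adds no duplicate.
        echo "iptables -C $chain $match 2>/dev/null || iptables -A $chain $match"
    done
}

# Constructed sample call (00:11:22:33:44:55 is a made-up address):
#   mac_block_rules 00:11:22:33:44:55 both
```

The mac match only sees the source address of the incoming Ethernet frame, which the client sets itself, so treat these rules as an access convenience rather than authentication.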