I love you guys!!! I am sorry that I have left out important details that left you speculating. We offer a SIP phone service to our clients. In netfilter speak that's: -A UDP -p udp -m udp --sport 5060 ---dport 5080 -j ACCEPT :) Anyone can use our SIP server however, they will first need to create an account through our website, and provide the mac of the device that will be connecting to us. The website does not have to capture their info. Why we prefer mac is because the device will not be static, it will be on the move hopping on different networks all happy and stuff :).... Andrew, that is kind of what we are looking for but as you mentioned ipset would be a much better way of doing it. Until this post I did not know of ipset, will have to educate myself regarding it. What is unclear at this moment is, do we have mac support, or is it called *ip*set for a reason? Secondly, can we update and remove existing entries in our config. Kind Regards, Nick. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
