weirdness with iptables

Ok, I have a rule in my iptables which is basically this:

-A -m mac --mac-source <macaddress A> -j ACCEPT
-A -j REJECT


The idea being if I come in from a machine with mac address A it will
accept it. Well, this does not work.
Everything is rejected, so I added this:


-A -m mac --mac-source <macaddress A> -j LOG
-A -m mac --mac-source <macaddress A> -j ACCEPT
-A -j REJECT

and tried to ssh into the box. Nothing showed up in the log files. So
then I did this:

-A -m mac --mac-source ! <macaddress A> -j LOG
-A -m mac --mac-source <macaddress A> -j ACCEPT
-A -j REJECT

and sure enough I get stuff in the log file, but what I get is:

<machine name> kernel: IN:eth0 OUT- MAC=<macaddress of server>:<a bunch
more hex numbers> SRC=<ip number of client machine> DST = <ip number of
this machine> ...... etc

So my question is, why is the source mac address not working, and more
importantly, any ideas as to why
the source mac address seems to always be based off the mac address of
my actual server, not the client connecting?
Or do I have the mac-source element of iptables completely wrong?

Wayner
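
An added example, not part of the original post: for a frame received on Ethernet, the `MAC=` field that the netfilter LOG target prints by default is the raw 14-byte link-layer header, which is the destination MAC, then the source MAC, then the EtherType. The sketch below splits that field and checks the source half against an expected address; the log line and every address in it are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample in the shape the post describes; all addresses are made up.
SAMPLE = ("Jan 10 12:00:01 server kernel: IN=eth0 OUT= "
          "MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 "
          "SRC=192.0.2.10 DST=192.0.2.1 LEN=60 PROTO=TCP SPT=40000 DPT=22")

# MAC= followed by zero or more colon-separated hex octets, up to whitespace.
MAC_FIELD = re.compile(r"\bMAC=((?:[0-9a-fA-F]{2}:)*[0-9a-fA-F]{2})?(?=\s|$)")


def split_log_mac(line):
    """Return (dst_mac, src_mac, ethertype) from a LOG line, or None."""
    m = MAC_FIELD.search(line)
    if not m or not m.group(1):
        return None  # no MAC= field, or an empty one (no link-layer header)
    octets = m.group(1).lower().split(":")
    if len(octets) != 14:
        return None  # not a plain 14-byte Ethernet header
    dst = ":".join(octets[0:6])      # first 6 bytes: receiving interface
    src = ":".join(octets[6:12])     # next 6 bytes: sender on the local segment
    ethertype = int("".join(octets[12:14]), 16)  # 0x0800 is IPv4
    return dst, src, ethertype


def source_matches(line, expected_mac):
    """True if the source half of MAC= equals expected_mac (case-insensitive)."""
    parsed = split_log_mac(line)
    return parsed is not None and parsed[1] == expected_mac.lower()


if __name__ == "__main__":
    dst, src, etype = split_log_mac(SAMPLE)
    print(f"dst={dst} src={src} ethertype=0x{etype:04x}")
    print("source is expected host:", source_matches(SAMPLE, "66:77:88:99:AA:BB"))
```

The source address seen here is the sender on the local Ethernet segment, so for a client reached through a router it is the router's interface address.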



-- 
redhat-list mailing list