LinuxQuestions.org
Old 10-23-2004, 08:19 AM   #1
Kendo1979
Member
 
Registered: Aug 2004
Location: Bandung, Indonesia
Distribution: Red Hat 9
Posts: 51

Rep: Reputation: 15
blocking mac address using iptables


Can anyone help me here?
I'm using Linux 2.4.22.

I'm trying to figure out how to block connections to the internet using the MAC address.

I've tried

iptables -I INPUT -m mac --mac-source xx:xx:xx:xx:xx:xx -j DROP

Looking at iptraf, I found that the MAC address I'm supposed to block still has connections.

Is there any other way to block a MAC address?
Or am I doing it wrong?
 
Old 10-23-2004, 09:05 AM   #2
maxut
Senior Member
 
Registered: May 2003
Location: istanbul
Distribution: debian - redhat - others
Posts: 1,188

Rep: Reputation: 50
You are right about the syntax, but it's the wrong chain.
Use FORWARD instead of INPUT.

good luck.
 
Old 10-23-2004, 11:59 AM   #3
Kendo1979
Member
 
Registered: Aug 2004
Location: Bandung, Indonesia
Distribution: Red Hat 9
Posts: 51

Original Poster
Rep: Reputation: 15
Thanks a lot.
Hmm, does it make any difference if I put -t nat?
So instead of what you showed me, I put

iptables -t NAT -I FORWARD -m mac --mac-source xxxxxxxxx -j DROP


Last edited by Kendo1979; 10-23-2004 at 12:10 PM.
 
Old 10-23-2004, 12:12 PM   #4
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,785
Blog Entries: 1

Rep: Reputation: 414
Are you aware how easy it is to spoof a MAC address? While it certainly doesn't hurt to filter on them (at least for your local network) just be sure not to use this as your primary means of security.
 
Old 10-23-2004, 12:22 PM   #5
Demonbane
Guru
 
Registered: Aug 2003
Location: Sydney, Australia
Distribution: Gentoo
Posts: 1,796

Rep: Reputation: 47
there's no FORWARD chain in nat table
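
Added example, not part of any post in this thread: a small shell helper that validates the MAC and the table/chain pair before printing the DROP rule, covering the two mistakes discussed above (INPUT does not see routed traffic, and the nat table has no FORWARD chain). The function names and the sample MAC are hypothetical; the script only prints the command and does not run iptables.

```shell
#!/bin/sh
# Added example: build (not execute) an iptables rule that drops traffic
# from one source MAC. Function names are hypothetical, not from the thread.

# Succeeds only for six colon-separated hex octets.
valid_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# Succeeds for the filter-table chains where a source-MAC drop makes sense.
chain_ok() {
    case "$1/$2" in
        filter/FORWARD) return 0 ;;  # traffic routed through the gateway
        filter/INPUT)   return 0 ;;  # traffic addressed to the gateway itself
        *)              return 1 ;;  # e.g. nat/FORWARD: no such chain
    esac
}

# Usage: mac_block_rule TABLE CHAIN MAC
# Prints the command on stdout; returns 1 on a bad MAC or table/chain pair.
mac_block_rule() {
    table=$1
    chain=$2
    mac=$3
    valid_mac "$mac" || { echo "invalid MAC: $mac" >&2; return 1; }
    chain_ok "$table" "$chain" || {
        echo "no source-MAC drop in $table/$chain" >&2
        return 1
    }
    echo "iptables -t $table -I $chain -m mac --mac-source $mac -j DROP"
}

# Constructed sample address (locally administered range).
SAMPLE_MAC=02:00:00:aa:bb:cc

# Routed client-to-internet traffic: the rule the thread arrives at.
mac_block_rule filter FORWARD "$SAMPLE_MAC"

# The -t nat variant asked about above is refused before it reaches iptables.
mac_block_rule nat FORWARD "$SAMPLE_MAC" 2>/dev/null || echo "# nat/FORWARD rejected"
```

After loading the printed rule as root, the packet counters in `iptables -L FORWARD -v -n` show whether it is matching.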
 
Old 10-23-2004, 12:32 PM   #6
Kendo1979
Member
 
Registered: Aug 2004
Location: Bandung, Indonesia
Distribution: Red Hat 9
Posts: 51

Original Poster
Rep: Reputation: 15
I'm still a newbie; I didn't know that a MAC address can be changed. From the articles I read, it's said to be quite hard. Do you suggest any other way of securing the network? A combination of IP and MAC, perhaps?
 
Old 10-23-2004, 12:55 PM   #7
Demonbane
Guru
 
Registered: Aug 2003
Location: Sydney, Australia
Distribution: Gentoo
Posts: 1,796

Rep: Reputation: 47
Changing a MAC address is a trivial task in most cases; in Linux just run something like:
Code:
/sbin/ifconfig eth0 hw ether 01:02:03:04:05:06
If you really want tight control over who can access the internet, then a proxy server (with authentication) is a good choice.
 
Old 10-23-2004, 02:02 PM   #8
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,785
Blog Entries: 1

Rep: Reputation: 414
I guess the question is what behaviour are you trying to control? If it is users accessing the internet from your network, then Demonbane hit the nail on the head.
 
Old 10-24-2004, 05:42 AM   #9
Kendo1979
Member
 
Registered: Aug 2004
Location: Bandung, Indonesia
Distribution: Red Hat 9
Posts: 51

Original Poster
Rep: Reputation: 15
Thank You

Thanks a lot, people.

Guess it's time to study more about proxy servers then ^^
 
Old 10-25-2004, 04:09 AM   #10
maxut
Senior Member
 
Registered: May 2003
Location: istanbul
Distribution: debian - redhat - others
Posts: 1,188

Rep: Reputation: 50
Squid proxy is good to go. You will be able to block most adware, warez, porn ... sites. You cannot do that with iptables (maybe possible, but too hard). Check squidGuard. It works as a child process of Squid to block unwanted sites.

good luck
 
  

