Can I deny access based on mac or IP address with shorewall?
I've got a rather successful wireless router set up on my gentoo box, but something troubles me. Right now, I've got a pcmcia adapter card in it, and a pcmcia wifi card providing wifi access in ad-hoc mode...
This is, of course, inherently insecure, so how could I set up shorewall to deny access to all mac or IP addresses other than the ones I specify?
I've got a manual ip addressing scheme, so that won't be a problem...
for instance, the router is on 10.0.0.1,
Joe with a mac address of 123 can only connect to the router using IP 10.0.0.100/8
Bob with a mac address of 234 can only connect to the router using IP 10.0.0.110/8
Me, with a mac address of 345 can only connect to the router using IP 10.0.0.101/8
Fred, my next door neighbor has an unknown mac addreses and can't connect to my PC and packets are dropped before routing to the internet. That way he can't even ssh into my machine
Is that setup possible with shorewall?
Last edited by enigma_0Z; 06-02-2005 at 10:39 AM.