DESPERATE : Iptables , permit know MAC , block rest.
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
DESPERATE : Iptables , permit know MAC , block rest.
Hi All,
thanx for reading this. I am trying to authenticate only those PC that I know of and reject access to internet to the rest of them using MACs. The box is running rh9 with iptables is my internet gateway.
Currently I am able to block those staff who bring their laptop after we detect it using a third party software by putting the following rule in iptables
/sbin/iptables -A INPUT -j DROP -m mac --mac-source 08:00:46:67:B1:5E
What I really wanna do is to put all MACs that belong to us in the iptables and only authorise them to access the internet, and block everyone else automatically by default. Is it possible ? How do I do it. Please help, as I spent most of the time scanning ip ranges for unauthorised pcs/laptops.
Not understand the problem.
The sample line /sbin/iptables -A INPUT -j DROP -m mac --mac-source 08:00:46:67:B1:5E
is working (?).
So why you cannot set default policy to DROP and use
/sbin/iptables -A INPUT -j ACCEPT -m mac --mac-source xx:xx:xx:xx:xx:xx
for your MACs ?
Please do not post the same thread in more than one forum. Picking the most relevant forum and posting it once there makes it easier for other members to help you and keeps the discussion all in one place.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.