LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page DESPERATE : Iptables , permit know MAC , block rest.
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Closed Thread
 
LinkBack Search this Thread
Old 12-14-2003, 12:01 AM   #1
ranjan303
LQ Newbie
 
Registered: Nov 2003
Location: Australia
Posts: 16

Rep: Reputation: 0
Question DESPERATE : Iptables , permit know MAC , block rest.

Hi All,

thanx for reading this. I am trying to authenticate only those PC that I know of and reject access to internet to the rest of them using MACs. The box is running rh9 with iptables is my internet gateway.

Currently I am able to block those staff who bring their laptop after we detect it using a third party software by putting the following rule in iptables

/sbin/iptables -A INPUT -j DROP -m mac --mac-source 08:00:46:67:B1:5E

What I really wanna do is to put all MACs that belong to us in the iptables and only authorise them to access the internet, and block everyone else automatically by default. Is it possible ? How do I do it. Please help, as I spent most of the time scanning ip ranges for unauthorised pcs/laptops.

thanx again,

Ranjan.
Last edited by ranjan303; 12-14-2003 at 12:03 AM.
 
Old 12-14-2003, 06:23 AM   #2
dorian33
Member
 
Registered: Jan 2003
Location: Poland, Warsaw
Distribution: LFS, Gentoo
Posts: 575

Rep: Reputation: 32
Not understand the problem.
The sample line /sbin/iptables -A INPUT -j DROP -m mac --mac-source 08:00:46:67:B1:5E
is working (?).
So why you cannot set default policy to DROP and use
/sbin/iptables -A INPUT -j ACCEPT -m mac --mac-source xx:xx:xx:xx:xx:xx
for your MACs ?
 
Old 12-14-2003, 06:32 AM   #3
ranjan303
LQ Newbie
 
Registered: Nov 2003
Location: Australia
Posts: 16

Original Poster
Rep: Reputation: 0
how would the default policy look like ? sorry I am a total newbie with iptables

thanx for your help ,

Ranjan.
 
Old 12-14-2003, 09:10 AM   #4
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 58
Please do not post the same thread in more than one forum. Picking the most relevant forum and posting it once there makes it easier for other members to help you and keeps the discussion all in one place.

http://www.linuxquestions.org/rules.php

Please continue the thread here:
http://www.linuxquestions.org/questi...hreadid=125661
 
  


Closed Thread


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
block mac address Ammad Linux - General 1 09-11-2005 01:00 PM
DESPERATE : Iptables block users by MAC address. ranjan303 Linux - Security 28 03-29-2005 01:15 AM
IPTables and PPTPD :S (to block or not to block) thewonka Linux - Networking 0 03-24-2005 06:58 PM
allow certain sites and block rest all of them mcgrath Programming 1 11-24-2004 10:53 AM
how to use iptables -m mac --mac-source DeployedOne Linux - Security 3 08-06-2004 03:03 AM


All times are GMT -5. The time now is 05:15 AM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
 
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration