LinuxQuestions.org - iptables match by mac range

- Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)

- - iptables match by mac range (https://www.linuxquestions.org/questions/linux-networking-3/iptables-match-by-mac-range-708290/)

drij	02-28-2009 07:38 PM

iptables match by mac range

I want to restrict access to a wireless network by mac address range - only allowing devices from a certain manufacturer to connect.
I know it is possible to match for a single mac address with iptables.

My question is: Can iptables match by mac address range?

frieza

02-28-2009 09:53 PM

probably not
you can match multiple mac addresses but even if what you ask IS possible it would be unadvisable because ANYone with a card of that manufacturer would be able to access that network, authorized or not

it would be more secure to gather the actual mac addresses of your network and set rules in iptables for each card individually that has the bonus of if a specific laptop gets stolen you can just shut off it's mac address and.. no more access to your network from that laptop...

drij	03-01-2009 09:34 AM

Alright, thanks for your reply.

anomie

03-01-2009 09:58 PM

Don't forget that MAC addresses are trivial to spoof.

frieza

03-02-2009 10:39 AM

Quote:

Originally Posted by anomie (Post 3461930)

Don't forget that MAC addresses are trivial to spoof.

true that, in fact mac address spoofing was an exercise i had to do back in college for one of my courses

All times are GMT -5. The time now is 03:57 AM.