iptables match by mac range
I want to restrict access to a wireless network by mac address range - only allowing devices from a certain manufacturer to connect.
I know it is possible to match for a single mac address with iptables. My question is: Can iptables match by mac address range? |
probably not
you can match multiple mac addresses but even if what you ask IS possible it would be unadvisable because ANYone with a card of that manufacturer would be able to access that network, authorized or not it would be more secure to gather the actual mac addresses of your network and set rules in iptables for each card individually that has the bonus of if a specific laptop gets stolen you can just shut off it's mac address and.. no more access to your network from that laptop... |
Alright, thanks for your reply.
|
Don't forget that MAC addresses are trivial to spoof.
|
Quote:
|
All times are GMT -5. The time now is 03:57 AM. |