How to allow traffic by using a MAC address and iptables?
I've found that I need to use -m mac --mac-source xx:xx:xx:xx:xx:xx
But this doesn't seem to work for me.
I want to forward incoming traffic from the internet (at port 3389) to an internal PC on my network (also at port 3389), but only my laptop's MAC address is allowed to connect to that port.
I've used this command:
${IPTABLES} -t nat -A PREROUTING -i eth0 -p tcp --dport 3389 -j DNAT --to-destination 10.0.0.2:3389 -m mac --mac-source xx:xx:xx:xx:xx:xx
${IPTABLES} -A FORWARD -p tcp -i eth0 -d 10.0.0.2 --dport 3389 -j ACCEPT
Without the -m mac specified, it works.
(This way even I can't connect to the port; security is too tight.)