LinuxQuestions.org
Closed Thread
Old 07-06-2013, 07:55 AM   #1
rjdbarsal
LQ Newbie
 
IPTABLES > MAC FILTERING not working


I tried DHCP MAC filtering; it is not enough to secure our networks, and I think iptables will...
This is my concept:
I set up a new laboratory (LAB) network.
My other network is connected to a LAB server running Ubuntu 12.04 Linux as a router.
And my LAB server is connected to the switch for the LAN PCs.
Here is the image: https://fbcdn-sphotos-g-a.akamaihd.n...85323098_n.jpg

What I want is:
1. I only want registered MAC addresses to be able to have internet access.
2. I want those registered MAC addresses connected only to a specific network address for file sharing.
#. I want to know what steps I should follow.
Do I have to:
1. Flush all the iptables rules.
2. Set default policies to DROP
or
are the default policies the last step of setting up the MAC filtering?


I did some work related to these links.
http://www.linuxpakistan.net/forum/v...ic.php?p=35095
http://www.unix.com/security/160564-...c-address.html
https://www.linuxquestions.org/quest...tering-601505/

Code:
#Flushing All IPTABLES Rules

iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X

#Setting Default Policies To DROP

iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

#MAC Address Filtering
#list of MAC addresses saved to mac_addresses_file
#read the list line by line; quoting keeps each entry a single argument
while read -r macfile
do
iptables -A FORWARD -i eth1 -o eth0 -m mac --mac-source "$macfile" -m state --state NEW -j ACCEPT
done < mac_addresses_file
...
...
...
#I don't really get what I am doing; when I edit some of the source code and test it, it won't work. (I just don't have the luck.)
#Set default policies to DROP
I am hoping for your help, guys.
Thanks
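
An added example, not part of the original post or the thread: a dry-run generator for the allow-list described above (default-DROP FORWARD chain, one ACCEPT per registered MAC, replies admitted by connection state). It assumes eth1 is the LAN side and eth0 the upstream side as in the posted rule, a one-MAC-per-line list format, and that IP forwarding and any NAT are configured separately; `gen_rules`, `is_mac` and `sample_list` are names chosen here.

```shell
#!/bin/sh
# Added example, not from the thread. Prints iptables commands; applies nothing.
# Assumptions: eth1 = LAN, eth0 = upstream (as in the posted rule); list format
# is one MAC per line with optional '#' comments; forwarding/NAT set up elsewhere.
LAN_IF=eth1
WAN_IF=eth0

# True only for six colon-separated hex octets, so a malformed line in the
# list never ends up on an iptables command line.
is_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# Read a MAC list on stdin, print the FORWARD rules in load order.
# Only FORWARD is touched; INPUT and OUTPUT are left as they are.
gen_rules() {
    echo "iptables -F FORWARD"
    echo "iptables -P FORWARD DROP"
    # The mac match only sees the source address of packets arriving on an
    # Ethernet interface, so replies cannot be matched by MAC. They are
    # admitted by connection state instead.
    echo "iptables -A FORWARD -i $WAN_IF -o $LAN_IF -m state --state ESTABLISHED,RELATED -j ACCEPT"
    while IFS= read -r line || [ -n "$line" ]; do
        mac=$(printf '%s' "${line%%#*}" | tr -d ' \t\r')
        [ -z "$mac" ] && continue
        if is_mac "$mac"; then
            # No "--state NEW" here: every packet of the flow must pass.
            echo "iptables -A FORWARD -i $LAN_IF -o $WAN_IF -m mac --mac-source $mac -j ACCEPT"
        else
            echo "skipped invalid entry: $mac" >&2
        fi
    done
}

# Constructed sample list (made-up addresses, not real hosts).
sample_list() {
    cat <<'EOF'
# lab PCs
00:11:22:33:44:55   # pc-01
AA:BB:CC:DD:EE:FF
00:11:22:33:44      # too short, rejected
EOF
}

# With a file argument, generate rules from it; otherwise use the sample.
if [ "$#" -gt 0 ]; then gen_rules < "$1"; else sample_list | gen_rules; fi
```

Review the printed commands before running them as root. The MAC source address is supplied by the sending host, so this list controls access on a trusted switch segment and does not authenticate the machine.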
 
Old 07-06-2013, 12:13 PM   #2
unSpawn
Moderator
 
This effectively is duplicate 2 of 3. That kind of posting behaviour is unnecessary and unwanted. Please think before you post, post your thread once and post it in only one forum. Posting a single thread in the most relevant forum will make it easier for members to help you and will keep the discussion in one place. This thread should be closed because it is a duplicate of http://www.linuxquestions.org/questi...ng-4175468674/.
 
  


Tags
filtering, iptables, mac address, security, ubuntu 12.04

