LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 11-20-2008, 10:02 PM   #1
landysaccount
Member
 
Registered: Sep 2008
Location: Dominican Republic
Distribution: Debian
Posts: 188

Rep: Reputation: 18
Exclamation Mac Filtering Catch 22


Hi All,

Just trying to setup a rule in my firewall that allows only certain clients to go through. Just like wireless routers do. But, I don't know if it would work since I have a fw script with a lot of rules and since iptables packets fall through the filters until there's a match, and stop falling and are filtered as soon as there is one. I've thought it won't work. Let's say a have an user with mac 00:14:BF:4A:4E:2E that is allow to access the internet. Once a packet from that user's matches the following rule:

iptables -A INPUT -m mac --mac-source 00:14:BF:4A:4E:2E -j ACCEPT

it will be granted full access to the sever and other services I block in the script in rules established after. Now, if I use above rule towards the end of the script then the packet can be matched with another rule before it, for ie,

iptables -A INPUT -i eth1 -p tcp -s 192.168.2.0/24 --dport 80 -j ACCEPT

Then, I think it will defeat the purpose to of the FW.

Please give me ideas on how to do this: Allow only mac address through.

Thank you in advanced for your inputs.
 
Old 11-21-2008, 12:36 AM   #2
yowi
Member
 
Registered: Dec 2002
Location: Au
Distribution: Debian
Posts: 209

Rep: Reputation: 54
Using mac address for access control is flawed. mac can be changed with ifconfig.

I think a proxy is what you are after.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Mac Filtering. sadiqfazal Linux - Server 6 10-29-2008 05:00 AM
MAC-Level Filtering Siva4Linux Linux - Wireless Networking 5 10-17-2006 03:52 AM
MAC Filtering eggoz Linux - Networking 1 06-11-2006 02:11 PM
MAC Filtering eggoz Linux - Networking 3 06-06-2006 03:20 AM
mac address filtering gabsik Linux - Security 8 04-27-2006 09:23 AM


All times are GMT -5. The time now is 06:27 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration